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Use  this  PDF  to  find  the  documentation  resources  and  other  technical  information  that  you  need  to  learn  about  the 
command  shell,  and  to  automate  command-line  tasks  by  using  scripts  or  scripting  tools. 

To  find  information  about  a  specific  command,  in  the  following  A-Z  menu,  click  the  letter  that  the  command  starts 
with,  and  then  click  the  command  name. 

A|B|C|D|E|F|G|H|l|J|K|L|M|N|0|P|Q|R|S|T|U|V|W|X|Y|Z 

Prerequisites 

The  information  that  is  contained  in  this  PDF  applies  to: 

•  Windows  Server  (Semi-Annual  Channel) 

•  Windows  Server  201 6 

•  Windows  Server  2012  R2 

•  Windows  Server  2012 

•  Windows  Server  2008  R2 

•  Windows  Server  2008 

•  Windows  1 0 

•  Windows  8.1 

Command  shell  overview 

The  command  shell  is  a  software  program  that  provides  direct  communication  between  the  user  and  the  operating 
system.  The  non-graphical,  command  shell  user  interface  provides  the  environment  in  which  you  run  character- 
based  applications  and  utilities.  The  command  shell  executes  programs  and  displays  their  output  on  the  screen  by 
using  individual  characters  similar  to  the  MS-DOS  command  interpreter,  Command.com.  The  command  shell  in 
the  Windows  Server  operating  system  uses  the  command  interpreter,  Cmd.exe.  Cmd.exe  loads  applications,  directs 
the  flow  of  information  between  applications,  and  translates  user  input  into  a  form  that  the  operating  system 
understands. 

You  can  use  the  command  shell  to  create  and  edit  scripts  to  automate  routine  tasks.  For  example,  you  can  create 
simple  scripts  in  batch  (.bat)  files  to  automate  the  management  of  user  accounts  or  nightly  backups.  You  can  also 
use  the  command-line  version  of  Windows  Script  Flost  to  run  more  sophisticated  scripts  in  the  command  shell.  For 
more  information,  see  cscript  or  wscript.  You  can  perform  operations  more  efficiently  by  using  scripts  than  you  can 
by  using  the  user  interface.  Scripts  accept  all  commands  that  are  available  at  the  command  line. 

Customize  the  Command  prompt  window 

You  can  change  the  properties  for  the  Command  prompt  window. 

To  configure  the  Command  prompt  window 

1 .  Open  a  Command  prompt  window,  click  the  upper-left  corner  of  the  Command  prompt  window,  and  then  click 
Properties.  (Or  to  open  Command  prompt  Properties  from  the  keyboard,  press  ALT+ SPACE  BAR +  P.) 

2.  Click  the  Options  tab. 

3.  In  Command  History,  type  or  select  999  in  Buffer  Size,  and  then  type  or  select  5  in  Number  of  Buffers.  By 
increasing  the  screen  buffer  size  to  999,  you  enable  scrolling  through  the  Command  prompt  window.  By 
increasing  the  number  of  buffers  to  five,  you  increase  the  number  of  lines  in  the  Command  prompt  window  to 
5000. 


4.  In  edit  Options,  select  the  Quick  edit  mode  and  Insert  mode  check  boxes. 

5.  Click  the  Layout  tab. 

6.  In  Screen  Buffer  Size,  type  or  select  2500  in  Height. 

7.  To  further  customize  your  Command  prompt  window  settings,  perform  any  of  the  following  optional  tasks: 

•  In  Screen  Buffer  Size,  increase  Width. 

•  In  Window  Size,  increase  Height. 

•  In  Window  Size,  increase  Width. 

•  Clear  the  Let  system  position  window  check  box,  and  then,  in  Window  Position,  change  the  values  in 

Left  and  Top. 

8.  In  the  Apply  Properties  dialog  box,  click  Save  properties  for  future  windows  with  same  title. 


NOTE 

To  enable  or  disable  file  and  directory  name  completion  on  a  computer  or  user  logon  session,  run  regedit.exe  and  set  the 
following  reg_DWOrd  value: 

HKEY_LOCAL_MACHINE\Software\Microsoft\Command  Processor\completionChar\reg_DWOrd 

To  set  the  reg_DWOrd  value,  use  the  hexadecimal  value  of  a  control  character  for  a  particular  function  (for  example,  0  9  is 
Tab  and  0  08  is  Backspace).  User-specified  settings  take  precedence  over  computer  settings,  and  command-line  options  take 
precedence  over  registry  settings. 


Caution 

Incorrectly  editing  the  registry  may  severely  damage  your  system.  Before  making  changes  to  the  registry,  you 
should  back  up  any  valued  data  on  the  computer. 

Command-line  reference  A-Z 

To  find  information  about  a  specific  command,  in  the  following  A-Z  menu,  click  the  letter  that  the  command  starts 
with,  and  then  click  the  command  name. 

A|B|C|D|E|F|G|H|l|J|K|L|M|N|0|P|Q|R|S|T|U|V|W|X|Y|Z 

A 

•  append 

•  arp 

•  assoc 

•  at 

•  atmadm 

•  attrib 

•  auditpol 

•  autochk 

•  autoconv 

•  autofmt 

B 

•  bed  boot 

•  bededit 

•  bdehdcfg 

•  bitsadmin 

o  bitsadmin  addfile 
o  bitsadmin  addfileset 


o  bitsadmin  addfilewithranges 
o  bitsadmin  cancel 
o  bitsadmin  complete 
o  bitsadmin  create 
o  bitsadmin  getaclflags 
o  bitsadmin  getbytestotal 
o  bitsadmin  getbytestransferred 
o  bitsadmin  getcompletiontime 
o  bitsadmin  getcreationtime 
o  bitsadmin  getdescription 
o  bitsadmin  getdisplayname 
o  bitsadmin  geterror 
o  bitsadmin  geterrorcount 
o  bitsadmin  getfilestotal 
o  bitsadmin  getfilestransferred 
o  bitsadmin  getminretrydelay 
o  bitsadmin  getmodificationtime 
o  bitsadmin  getnoprogresstimeout 
o  bitsadmin  getnotifycmdline 
o  bitsadmin  getnotifyflags 
o  bitsadmin  getnotify interface 
o  bitsadmin  getowner 
o  bitsadmin  get  priority 
o  bitsadmin  getproxybypasslist 
o  bitsadmin  getproxylist 
o  bitsadmin  getproxyusage 
o  bitsadmin  getreplydata 
o  bitsadmin  getreplyfilename 
o  bitsadmin  getreplyprogress 
o  bitsadmin  getstate 
o  bitsadmin  gettype 
o  bitsadmin  help 
o  bitsadmin  info 
o  bitsadmin  list 
o  bitsadmin  listfiles 
o  bitsadmin  monitor 
o  bitsadmin  nowrap 
o  bitsadmin  rawreturn 
o  bitsadmin  removecredentials 
o  bitsadmin  replaceremoteprefix 
o  bitsadmin  reset 
o  bitsadmin  resume 
o  bitsadmin  setaclflag 
o  bitsadmin  setcredentials 
o  bitsadmin  setdescription 
o  bitsadmin  setdisplayname 


o  bitsadmin  setminretrydelay 
o  bitsadmin  setnoprogresstimeout 
o  bitsadmin  setnotifycmdline 
o  bitsadmin  setnotifyflags 
o  bitsadmin  setpriority 
o  bitsadmin  setproxysettings 
o  bitsadmin  setrepiyfilename 
o  bitsadmin  suspend 
o  bitsadmin  takeownership 
o  bitsadmin  Transfer 
o  bitsadmin  util 
o  bitsadmin  wrap 

•  bootcfg 

o  bootcfg  addsw 
o  bootcfg  copy 
o  bootcfg  dbgl  394 
o  bootcfg  debug 
o  bootcfg  default 
o  bootcfg  delete 
o  bootcfg  ems 
o  bootcfg  query 
o  bootcfg  raw 
o  bootcfg  rmsw 
o  bootcfg  timeout 

•  break 


C 

•  cacls 
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•  cd 

•  certreq 
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o  change  logon 
o  change  port 
o  change  user 
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•  chgport 
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•  chkdsk 
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•  clip 
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•  fondue 

•  for 

•  forfiles 

•  format 

•  freedisk 


•  fsutil 
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fsutil 
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•  ftp 

•  ftype 

•  fveupdate 

G 

•  getmac 

•  gettype 

•  goto 

•  gpfixup 

•  gpresult 

•  gpupdate 

•  graftabl 

H 

•  help 

•  helpctr 

•  hostname 


I 

•  icacls 

•  if 

•  inuse 

•  ipconfig 

•  ipxroute 

•  irftp 
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•  jetpack 

K 

•  klist 

•  ksetup 

o  ksetup:setrealm 
o  ksetup:mapuser 
o  ksetup:addkdc 
o  ksetup:delkdc 
o  ksetup:addkpasswd 
o  ksetup:delkpasswd 
o  ksetup:server 
o  ksetup:setcomputerpassword 
o  ksetup:removerealm 
o  ksetup:domain 
o  ksetupxhangepassword 
o  ksetup:listrealmflags 
o  ksetup:setrealmflags 
o  ksetup:addrealmflags 
o  ksetup:delrealmflags 
o  ksetup:dumpstate 
o  ksetup:addhosttorealmmap 
o  ksetup:delhosttorealmmap 
o  ksetup:setenctypeattr 
o  ksetup:getenctypeattr 
o  ksetup:addenctypeattr 
o  ksetup:delenctypeattr 

•  ktmutil 

•  ktpass 

L 

•  label 

•  lodctr 

•  logman 

o  logman  create 
o  logman  query 
o  logman  start  8i1 24;  stop 
o  logman  delete 
o  logman  update 
o  logman  import  &1 24;  export 

•  logoff 

•  ipq 

•  Ipr 

M 

•  macfiie 

•  makecab 

•  manage-bde 


o  manage-bde:  status 

o  manage-bde:  on 

o  manage-bde:  off 

o  manage-bde:  pause 

o  manage-bde:  resume 

o  manage-bde:  lock 

o  manage-bde:  unlock 

o  manage-bde:  autounlock 

o  manage-bde:  protectors 

o  manage-bde:  tpm 

o  manage-bde:  setidentifier 

o  manage-bde:  ForceRecovery 

o  manage-bde:  changepassword 

o  manage-bde:  changepin 

o  manage-bde: changekey 

o  manage-bde:  KeyPackage 

o  manage-bde:  upgrade 

o  manage-bde:  Wipe FreeS pace 

mapadmin 

Md 

mkdir 

mklink 

mmc 

mode 

more 

mount 

mountvol 

move 

mqbkup 

mqsvc 

mqtgsvc 

msdt 

msg 

msiexec 

msinfo32 

mstsc 

nbtstat 

netcfg 

netsh 

netstat 

Net  print 

nfsadmin 

nfsshare 

nfsstat 

nlbmgr 


•  nslookup 

o  nslookup  exit  command 
o  nslookup  finger  command 
o  nslookup  help 
o  nslookup  Is 
o  nslookup  Iserver 
o  nslookup  root 
o  nslookup  server 
o  nslookup  set 
o  nslookup  set  all 
o  nslookup  set  class 
o  nslookup  set  d2 
o  nslookup  set  debug 
o  nslookup  set  domain 
o  nslookup  set  port 
o  nslookup  set  querytype 
o  nslookup  set  recurse 
o  nslookup  set  retry 
o  nslookup  set  root 
o  nslookup  set  search 
o  nslookup  set  srchlist 
o  nslookup  set  timeout 
o  nslookup  set  type 
o  nslookup  set  vc 
o  nslookup  view 

•  ntbackup 

•  ntcmdprompt 

•  ntfrsutl 


O 

•  openfiles 

P 

•  pagefileconfig 

•  path 

•  pathping 

•  pause 

•  pbadmin 

•  pentnt 

•  perfmon 

•  ping 

•  pnpunattend 

•  pnputil 

•  popd 

•  PowerShell 

•  PowerShelIJse 

•  print 


•  prncnfg 

•  prndrvr 

•  prnjobs 

•  prnmngr 

•  prnport 

•  prnqctl 

•  prompt 

•  pubprn 

•  pushd 

•  pushprinterconnections 

Q 

•  qappsrv 

•  qprocess 

•  query 

•  quser 

•  qwinsta 

R 

•  rep 

•  rd 

•  rdpsign 

•  recover 

•  reg 

o  reg  add 
o  reg  compare 
o  reg  copy 
o  reg  delete 
o  reg  export 
o  reg  import 
o  reg  load 
o  reg  query 
o  reg  restore 
o  reg  save 
o  reg  unload 

•  regini 

•  regsvr32 

•  relog 

•  rem 

•  ren 

•  rename 

•  repair-bde 

•  replace 

•  reset  session 

•  rexec 


•  risetup 

•  rmdir 


•  robocopy 

•  route_ws2008 

•  rpcinfo 

•  rpcping 

•  rsh 

•  rundll32 

•  rwinsta 


S 

•  schtasks 

•  scwcmd 

o  scwcmd:  analyze 
o  scwcmd:  configure 
o  scwcmd:  register 
o  scwcmd:  rollback 
o  scwcmd:  transform 
o  scwcmd:  view 

•  secedit 

o  seceditanalyze 
o  seceditconfigure 
o  seceditexport 
o  secedit:generaterollback 
o  secedit:import 
o  seceditvalidate 

•  serverceipoptin 

•  Servermanagercmd 

•  serverweroptin 

•  set 

•  setlocal 

•  setx 

•  sfc 

•  shadow 

•  shift 

•  showmount 

•  shutdown 

•  sort 

•  start 

•  subst 

•  sxstrace 

•  sysocmgr 

•  system  info 

T 

•  takeown 

•  tapicfg 

•  taskkill 

•  tasklist 


•  tcm  setup 

•  telnet 

•  tftp 

•  time 

•  timeout 

•  title 

•  tlntadmn 

•  tpmvscmgr 

•  tracerpt 

•  tracert 

•  tree 

•  tscon 

•  tsdiscon 

•  tsecimp 

•  tskill 

•  tsprof 

•  type 

•  typeperf 

•  tzutil 

U 

•  unlodctr 

V 

•  ver 

•  verifier 

•  verify 

•  vol 

W 

•  waitfor 

•  wbadmin 

o  wbadmin  enable  backup 
o  wbadmin  disable  backup 
o  wbadmin  start  backup 
o  wbadmin  stopjob 
o  wbadmin  get  versions 
o  wbadmin  get  items 
o  wbadmin  start  recovery 
o  wbadmin  get  status 
o  wbadmin  get  disks 
o  wbadmin  start  systemstaterecovery 
o  wbadmin  start  systemstatebackup 
o  wbadmin  delete  systemstatebackup 
o  wbadmin  start  sysrecovery 
o  wbadmin  restore  catalog 
o  wbadmin  delete  catalog 


wdsutil 


•  wecutil 

•  wevtutil 

•  where 

•  whoami 

•  winnt 

•  winnt32 

•  winpop 

•  winrs 

•  wlbs 

•  wmic 

•  wscript 

X 

•  xcopy 
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The  following  table  describes  the  notation  used  to  indicate 
command-line  syntax. 


NOTATION 

DESCRIPTION 

Text  without  brackets  or  braces 

Items  you  must  type  as  shown 

<Text  inside  angle  brackets> 

Placeholder  for  which  you  must 
supply  a  value 

[Text  inside  square  brackets] 

Optional  items 

{Text  inside  braces} 

Set  of  required  items;  choose 

one 

Vertical  bar  (|) 

Separator  for  mutually  exclusive 
items;  choose  one 

Ellipsis  (...) 

Items  that  can  be  repeated 

Commands  by  Server  Role 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

A  server  role  describes  the  primary  function  of  the  server.  Administrators  can  choose  to  dedicate  an  entire  server 
to  one  role,  or  install  multiple  server  roles  and  sub  roles  on  a  single  computer.  Each  role  may  include  additional 
command-line  tools,  installed  as  part  of  the  role.  The  following  topics  provide  a  list  of  commands  associated  with 
each  server  role. 

•  Print  Command  Reference 

•  Services  for  Network  File  System  Command  Reference 

•  Remote  Desktop  Services  (Terminal  Services)  Command  Reference 

•  Windows  Server  Backup  Command  Reference 


print  Command  Reference 

1 0/1 7/2017  *1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 

Windows  Server  2012 

The  following  is  a  list  of  print  command-line  tools. 

COMMAND 

DESCRIPTION 

[lpq]lpq.md) 

Displays  the  status  of  a  print  queue  on  a  computer  running 

Line  printer  Daemon  (LPD). 

Ipr 

Sends  a  file  to  a  computer  or  printer  sharing  device  running 
the  Line  printer  Daemon  (LPD)  service  in  preparation  for 
printing. 

Net  print 

Displays  information  about  a  specified  printer  queue,  displays 
information  about  a  specified  print  job,  or  controls  a  specified 
print  job. 

print 

Sends  a  text  file  to  a  printer. 

prncnfg 

Configures  or  displays  configuration  information  about  a 
printer. 

prndrvr 

adds,  deletes,  and  lists  printer  drivers. 

prnjobs 

pauses,  resumes,  cancels,  and  lists  print  jobs. 

prnmngr 

adds,  deletes,  and  lists  printers  or  printer  connections,  in 
addition  to  setting  and  displaying  the  default  printer. 

prnport 

creates,  deletes,  and  lists  standard  TCP/IP  printer  ports,  in 
addition  to  displaying  and  changing  port  configuration. 

prnqctl 

prints  a  test  page,  pauses  or  resumes  a  printer,  and  clears  a 
printer  queue. 

pubprn 

Publishes  a  printer  to  the  active  directory  directory  service. 

rundll32  printui.dll, printlll Entry 


Enables  you  to  automate  the  installation  and  configuration  of 
printers  using  scripts  or  the  command  prompt. 


Services  for  Network  File  System  Command 
Reference 
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Services  for  Network  File  System  (NFS)  provides  a  file  sharing  solution  that  enables  you  to  transfer  files  between 
computers  running  Windows  Server  2008  and  UNIX  operating  systems  using  the  NFS  protocol. 

The  following  is  a  list  of  NFS  command-line  tools. 


COMMAND 

DESCRIPTION 

mapadmin 

Manage  User  Name  Mapping  for  Microsoft  Services  for 
Network  File  System. 

Mount 

Mount  Network  File  System  (NFS)  network  shares. 

Nfsadmin 

Manage  Server  for  NFS  and  Client  for  NFS. 

Nfsshare 

Control  Network  File  System  (NFS)  shares. 

Nfsstat 

Display  or  reset  counts  of  calls  made  to  Server  for  NFS. 

Rpcinfo 

List  programs  on  remote  computers. 

Showmount 

Display  mounted  directories. 

remote  Desktop  Services  (Terminal  Services) 
Command  Reference 

1 0/24/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 


The  following  is  a  list  of  remote  Desktop  Services  command-line  tools. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


COMMAND 

DESCRIPTION 

change 

changes  remote  Desktop  Session  Host  (rd  Session  Host) 
server  settings  for  logons,  COM  port  mappings,  and  install 
mode. 

change  logon 

Enables  or  disables  logons  from  client  sessions  on  an  rd 
Session  Host  server,  or  displays  current  logon  status. 

change  port 

lists  or  changes  the  COM  port  mappings  to  be  compatible 
with  MS-DOS  applications. 

change  user 

changes  the  install  mode  for  the  rd  Session  Host  server. 

chglogon 

Enables  or  disables  logons  from  client  sessions  on  an  rd 
Session  Host  server,  or  displays  current  logon  status. 

chgport 

lists  or  changes  the  COM  port  mappings  to  be  compatible 
with  MS-DOS  applications. 

chgusr 

changes  the  install  mode  for  the  rd  Session  Host  server. 

flattemp 

Enables  or  disables  flat  temporary  folders. 

logoff 

Logs  off  a  user  from  a  session  on  an  rd  Session  Host  server 
and  deletes  the  session  from  the  server. 

msg 

Sends  a  message  to  a  user  on  an  rd  Session  Host  server. 

mstsc 

creates  connections  to  rd  Session  Host  servers  or  other 
remote  computers. 

qappsrv 

Displays  a  list  of  all  rd  Session  Host  servers  on  the  network. 

qprocess 

Displays  information  about  processes  that  are  running  on  an 
rd  Session  Host  server. 

query 

Displays  information  about  processes,  sessions,  and  rd 
Session  Host  servers. 

COMMAND 

DESCRIPTION 

query  process 

Displays  information  about  processes  that  are  running  on  an 
rd  Session  Host  server. 

query  session 

Displays  information  about  sessions  on  an  rd  Session  Host 

server. 

query  termserver 

Displays  a  list  of  all  rd  Session  Host  servers  on  the  network. 

query  user 

Displays  information  about  user  sessions  on  an  rd  Session 

Host  server. 

quser 

Displays  information  about  user  sessions  on  an  rd  Session 

Host  server. 

qwinsta 

Displays  information  about  sessions  on  an  rd  Session  Host 

server. 

rdpsign 

Enables  you  to  digitally  sign  a  remote  Desktop  Protocol 
(.rd p)  file. 

reset  session 

Enables  you  to  reset  (delete)  a  session  on  an  rd  Session  Host 

server. 

rwinsta 

Enables  you  to  reset  (delete)  a  session  on  an  rd  Session  Host 

server. 

shadow 

Enables  you  to  remotely  control  an  active  session  of  another 
user  on  an  rd  Session  Host  server. 

tscon 

Connects  to  another  session  on  an  rd  Session  Host  server. 

tsdiscon 

Disconnects  a  session  from  an  rd  Session  Host  server. 

tskill 

Ends  a  process  running  in  a  session  on  an  rd  Session  Host 

server. 

tsprof 


Copies  the  remote  Desktop  Services  user  configuration 
information  from  one  user  to  another. 
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The  following  subcommands  for  wbadmin  provide  backup  and  recovery  functionality  from  a  command  prompt. 

To  configure  a  backup  schedule,  you  must  be  a  member  of  the  Administrators  group.  To  perform  all  other  tasks 
with  this  command,  you  must  be  a  member  of  the  Backup  Operators  or  the  Administrators  group,  or  you  must 
have  been  delegated  the  appropriate  permissions. 

You  must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt,  click  Start, 
right-click  Command  Prompt,  and  then  click  Run  as  administrator.) 


SUBCOMMAND 

DESCRIPTION 

Wbadmin  enable  backup 

Configures  and  enables  a  daily  backup  schedule. 

Wbadmin  disable  backup 

Disables  your  daily  backups. 

Wbadmin  start  backup 

Runs  a  one-time  backup.  If  used  with  no  parameters,  uses  the 
settings  from  the  daily  backup  schedule. 

Wbadmin  stop  job 

Stops  the  currently  running  backup  or  recovery  operation. 

Wbadmin  get  versions 

Lists  details  of  backups  recoverable  from  the  local  computer 
or,  if  another  location  is  specified,  from  another  computer. 

Wbadmin  get  items 

Lists  the  items  included  in  a  specific  backup. 

Wbadmin  start  recovery 

Runs  a  recovery  of  the  volumes,  applications,  files,  or  folders 
specified. 

Wbadmin  get  status 

Shows  the  status  of  the  currently  running  backup  or  recovery 
operation. 

Wbadmin  get  disks 

Lists  disks  that  are  currently  online. 

Wbadmin  start  systemstaterecovery 

Runs  a  system  state  recovery. 

Wbadmin  start  systemstatebackup 

Runs  a  system  state  backup. 

Wbadmin  delete  systemstatebackup 

Deletes  one  or  more  system  state  backups. 

Wbadmin  start  sysrecovery 

Runs  a  recovery  of  the  full  system  (at  least  all  the  volumes 
that  contain  the  operating  system's  state).  This  subcommand 
is  only  available  if  you  are  using  the  Windows  Recovery 
Environment. 

Wbadmin  restore  catalog 

Recovers  a  backup  catalog  from  a  specified  storage  location  in 
the  case  where  the  backup  catalog  on  the  local  computer  has 
been  corrupted. 

SUBCOMMAND 

DESCRIPTION 

Wbadmin  delete  catalog 

Deletes  the  backup  catalog  on  the  local  computer.  Use  this 
command  only  if  the  backup  catalog  on  this  computer  is 
corrupted  and  you  have  no  backups  stored  at  another 
location  that  you  can  use  to  restore  the  catalog. 

append 
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Allows  programs  to  open  data  files  in  specified  directories  as  if  they  were  in  the  current  directory.  If  used  without 
parameters,  append  displays  the  appended  directory  list. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

append  [ [<Drive>: ]<Path>[; . . . ] ]  [/x[ :on | :off ] ]  [/path:[ 
append  ; 

:on | :off]  [/e] 

Parameters 

PARAMETER 

DESCRIPTION 

[<  Drive> :] 

Specifies  a  drive  and  directory  to  append. 

/x:on 

Applies  appended  directories  to  file  searches  and  launching 
applications. 

/x:off 

Applies  appended  directories  only  to  requests  to  open  files. 
/x:off  is  the  default  setting. 

/path:on 

Applies  appended  directories  to  file  requests  that  already 
specify  a  path.  /path:on  is  the  default  setting. 

/path:off 

Turns  off  the  effect  of /path:on. 

/e 

Stores  a  copy  of  the  appended  directory  list  in  an  environment 
variable  named  APPEND,  /e  may  be  used  only  the  first  time 
you  use  append  after  starting  your  system. 

;  Clears  the  appended  directory  list. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  clear  the  appended  directory  list,  type: 

append  ; 


To  store  a  copy  of  the  appended  directory  to  an  environment  variable  named  APPEND,  type: 

append  /e 


Additional  references 

Command-Line  Syntax  Key 


arp 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Displays  and  modifies  entries  in  the  address  Resolution  Protocol  (arp)  cache,  which  contains  one  or  more  tables 
that  are  used  to  store  I P  addresses  and  their  resolved  Ethernet  or  Token  Ring  physical  addresses.  There  is  a 
separate  table  for  each  Ethernet  or  Token  Ring  network  adapter  installed  on  your  computer.  Used  without 
parameters,  arp  displays  help. 

Syntax 

arp  [/a  [<Inetaddr>]  [/n  <ifaceaddr>] ]  [/g  [<Inetaddr>]  [-n  <ifaceaddr>] ]  [/d  <Inetaddr>  [<ifaceaddr>] ]  [/s 
<Inetaddr>  <Etheraddr>  [<ifaceaddr>] ] 


Parameters 

PARAMETER 


DESCRIPTION 


/a  []  [/n  ] 

Displays  current  arp  cache  tables  for  all  interfaces.  The  /n 
parameter  is  case-sensitive. 

To  display  the  arp  cache  entry  for  a  specific  IP  address,  use  arp 
/a  with  the  Inetaddr  parameter,  where  Inetaddr  is  an  IP 
address.  If  Inetaddr  is  not  specified,  the  first  applicable 
interface  is  used. 

To  display  the  arp  cache  table  for  a  specific  interface,  use  the 
/n ifaceaddr  parameter  in  conjunction  with  the  /a  parameter 
where  ifaceaddr  is  the  IP  address  assigned  to  the  interface. 

/g  D  t/n  ] 

Identical  to  /a. 

[/d  □ 

deletes  an  entry  with  a  specific  IP  address,  where  Inetaddr  is 
the  IP  address. 

To  delete  an  entry  in  a  table  for  a  specific  interface,  use  the 
ifaceaddr  parameter  where  ifaceaddr  is  the  IP  address 
assigned  to  the  interface. 

To  delete  all  entries,  use  the  asterisk  (*)  wildcard  character  in 
place  of  Inetaddr. 

/sO 

adds  a  static  entry  to  the  arp  cache  that  resolves  the  IP 
address  Inetaddr  to  the  physical  address  Etheraddr. 

To  add  a  static  arp  cache  entry  to  the  table  for  a  specific 
interface,  use  the  ifaceaddr  parameter  where  ifaceaddr  is  an 

IP  address  assigned  to  the  interface. 

/? 


Displays  help  at  the  command  prompt. 


remarks 

•  The  IP  addresses  for  Inetaddr  and  ifaceaddr  are  expressed  in  dotted  decimal  notation. 

•  The  physical  address  for  Etheraddr  consists  of  six  bytes  expressed  in  hexadecimal  notation  and  separated  by 
hyphens  (for  example,  00-AA-00-4F-2A-9C). 

•  Entries  added  with  the  /s  parameter  are  static  and  do  not  time  out  of  the  arp  cache.  The  entries  are  removed  if 
the  TCP/IP  protocol  is  stopped  and  started.  To  create  permanent  static  arp  cache  entries,  place  the  appropriate 
arp  commands  in  a  batch  file  and  use  Scheduled  Tasks  to  run  the  batch  file  at  startup.  ##  Examples  To  display 
the  arp  cache  tables  for  all  interfaces,  type:  arp  /a  To  display  the  arp  cache  table  for  the  interface  that  is 
assigned  the  IP  address  10.0.0.99,  type:  arp  /a  /n  10.0.0.99  To  add  a  static  arp  cache  entry  that  resolves  the  IP 
address  10.0.0.80  to  the  physical  address  00-AA-00-4F-2A-9C,  type:  arp  /s  10.0.0.80  0@-aa-0@-4f-2a-9C  ## 
additional  references 

•  Command-Line  Syntax  Key 


assoc 
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Displays  or  modifies  file  name  extension  associations.  If  used  without  parameters,  assoc  displays  a  list  of  all  the 
current  file  name  extension  associations. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

assoc  [< . ext>[=[<Filetype>] ] ] 


Parameters 

PARAMETER  DESCRIPTION 

<.ext>  Specifies  the  file  name  extension. 

<  FileType>  Specifies  the  file  type  to  associate  with  the  specified  file  name 

extension. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

•  To  remove  the  file  type  association  for  a  file  name  extension,  add  a  white  space  after  the  equal  sign  by  pressing 
the  SPACEBAR. 

•  To  view  current  file  types  that  have  open  command  strings  defined,  use  the  ftype  command. 

•  To  redirect  the  output  of  assoc  to  a  text  file,  use  the  >  redirection  operator. 

Examples 

To  view  the  current  file  type  association  for  the  file  name  extension  .txt,  type: 

assoc  .txt 


To  remove  the  file  type  association  for  the  file  name  extension  .bak,  type: 


To  view  the  output  of  assoc  one  screen  at  a  time,  type: 


assoc  |  more 


To  send  the  output  of  assoc  to  the  file  assoc.txt,  type: 


assooassoc  .txt 


Additional  references 

Command-Line  Syntax  Key 


at 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Schedules  commands  and  programs  to  run  on  a  computer  at  a  specified  time  and  date.  You  can  use  at  only  when 
the  Schedule  service  is  running.  Used  without  parameters,  at  lists  scheduled  commands. 

Syntax 

at  [ WcomputerName ]  [{[ID]  [/delete]  |  /delete  [/yes]}]  at  [[\\computerName]  Hours:Minutes  [/interactive] 
[{/every:dofe[,...]  |  /next:c/ofe[,...]}]  Command ] 

Parameters 

WcomputerName  Specifies  a  remote  computer.  If  you  omit  this  parameter,  at  schedules  the  commands  and 
programs  on  the  local  computer.  ID  Specifies  the  identification  number  assigned  to  a  scheduled  command. /delete 
Cancels  a  scheduled  command.  If  you  omit  ID,  all  of  the  scheduled  commands  on  the  computer  are  canceled,  /yes 
Answers  yes  to  all  queries  from  the  system  when  you  delete  scheduled  events.  Hours:Minutes  Specifies  the  time 
when  you  want  to  run  the  command,  time  is  expressed  as  Hours:Minutes  in  24-hour  notation  (that  is,  00:00 
[midnight]  through  23:59).  /interactive  Allows  Command  to  interact  with  the  desktop  of  the  user  who  is  logged 
on  at  the  time  Command  runs,  /every:  Runs  Command  on  every  specified  day  or  days  of  the  week  or  month  (for 
example,  every  Thursday,  or  the  third  day  of  every  month),  date  Specifies  the  date  when  you  want  to  run  the 
command.  You  can  specify  one  or  more  days  of  the  week  (that  is,  type  M,T,W,Th,F,S,Su)  or  one  or  more  days  of 
the  month  (that  is,  type  1  through  31).  Separate  multiple  date  entries  with  commas.  If  you  omit  date,  at  uses  the 
current  day  of  the  month,  /next:  Runs  Command  on  the  next  occurrence  of  the  day  (for  example,  next  Thursday). 
Command  Specifies  the  Windows  command,  program  (that  is,  .exe  or  .com  file),  or  batch  program  (that  is,  .bat  or 
.cmd  file)  that  you  want  to  run.  When  the  command  requires  a  path  as  an  argument,  use  the  absolute  path  (that  is, 
the  entire  path  beginning  with  the  drive  letter).  If  the  command  is  on  a  remote  computer,  specify  Universal  Naming 
Convention  (UNC)  notation  for  the  server  and  share  name,  rather  than  a  remote  drive  letter./?  Displays  help  at  the 
command  prompt. 

remarks 

•  schtasks  is  another  command-line  scheduling  tool  that  you  can  use  to  create  and  manage  scheduled  tasks.  For 
more  information  about  schtasks,  see  Related  Topics. 

•  Using  at  To  use  at,  you  must  be  a  member  of  the  local  Administrators  group. 

•  Loading  Cmd.exe  at  does  not  automatically  load  Cmd.exe,  the  command  interpreter,  before  running  commands. 
If  you  are  not  running  an  executable  (.exe)  file,  you  must  explicitly  load  Cmd.exe  at  the  beginning  of  the 
command  as  follows:  cmd  /c  dir  >  c:\test.out 

•  Viewing  scheduled  commands  When  you  use  at  without  command-line  options,  scheduled  tasks  appear  in  a 
table  formatted  similar  to  the  following: 

Status  ID  Day  time  Command  Line  OK  1  Each  F  4:30  PM  net  send  group  leads  status  due  OK  2  Each  M  12:00  AM 
chkstor  >  check. file  OK  3  Each  F  11:59  PM  backup2.bat 

•  Including  identification  number  {ID)  When  you  include  identification  number  (ID)  with  at  at  a  command 
prompt,  information  for  a  single  entry  appears  in  a  format  similar  to  the  following: 

Task  ID:  1  Status:  OK  Schedule:  Each  F  time  of  Day:  4:30  PM  Command:  net  send  group  leads  status  due  After 
you  schedule  a  command  with  at,  especially  a  command  that  has  command-line  options,  check  that  the 


command  syntax  is  correct  by  typing  at  without  command-line  options.  If  the  information  in  the  Command  Line 
column  is  incorrect,  delete  the  command  and  retype  it.  If  it  is  still  incorrect,  retype  the  command  with  fewer 
command-line  options. 

Viewing  results  Commands  scheduled  with  at  run  as  background  processes.  Output  is  not  displayed  on  the 
computer  screen.  To  redirect  output  to  a  file,  use  the  redirection  symbol  (>).  If  you  redirect  output  to  a  file,  you 
need  to  use  the  escape  symbol  (A)  before  the  redirection  symbol,  whether  you  are  using  at  at  the  command  line 
or  in  a  batch  file.  For  example,  to  redirect  output  to  Output.text,  type:  at  14:45  c:\test.bat  A> c:\output.txt  The 
current  directory  for  the  executing  command  is  the  systemroot  folder. 

Changing  system  time  if  you  change  the  system  time  at  a  computer  after  you  schedule  a  command  to  run  with 
at,  synchronize  the  at  scheduler  with  the  revised  system  time  by  typing  at  without  command-line  options. 
Storing  commands  Scheduled  commands  are  stored  in  the  registry.  As  a  result,  you  do  not  lose  scheduled  tasks 
if  you  restart  the  Schedule  service. 

Connecting  to  network  drives  Do  not  use  a  redirected  drive  for  scheduled  jobs  that  access  the  network.  The 
Schedule  service  might  not  be  able  to  access  the  redirected  drive,  or  the  redirected  drive  might  not  be  present  if 
a  different  user  is  logged  on  at  the  time  the  scheduled  task  runs.  Instead,  use  UNC  paths  for  scheduled  jobs.  For 
example:  at  1:00pm  my_backup  \\server\share  Do  not  use  the  following  syntax,  where  x:  is  a  connection 
made  by  the  user:  at  1:00pm  my_backup  x:  if  you  schedule  an  at  command  that  uses  a  drive  letter  to  connect 
to  a  shared  directory,  include  an  at  command  to  disconnect  the  drive  when  you  are  finished  using  the  drive.  If 
the  drive  is  not  disconnected,  the  assigned  drive  letter  is  not  available  at  the  command  prompt. 

Tasks  stopping  after  72  hours  By  default,  tasks  scheduled  using  the  at  command  stop  after  72  hours.  You  can 
modify  the  registry  to  change  this  default  value. 

1 .  start  registry  editor  (regedit.exe). 

2.  Locate  and  click  the  following  key  in  the  registry: 
HKEY_LOCAL„MACHINE\SYSTEM\CurrentControlSet\Services\Schedule 

3.  On  the  edit  menu,  click  add  Value,  and  then  add  the  following  registry  value:  Value  Name: 
atTaskMaxhlours  Data  type:  reg_DWOrd  Radix:  Decimal  Value  Data:  0.  A  value  of  0  in  the  value  data  field 
indicates  no  limit,  does  not  stop.  Values  from  1  through  99  indicates  the  number  of  hours.  Caution 

Incorrectly  editing  the  registry  may  severely  damage  your  system.  Before  making  changes  to  the  registry,  you 
should  back  up  any  valued  data  on  the  computer. 

Task  Scheduler  and  the  at  command  You  can  use  the  Scheduled  Tasks  folder  to  view  or  modify  the  settings  of  a 
task  that  was  created  by  using  the  at  command.  When  you  schedule  a  task  using  the  at  command,  the  task  is 
listed  in  the  Scheduled  Tasks  folder,  with  a  name  such  as  the  following:at3478.  However,  if  you  modify  an  at  task 
through  the  Scheduled  Tasks  folder,  it  is  upgraded  to  a  normal  scheduled  task.  The  task  is  no  longer  visible  to 
the  at  command,  and  the  at  account  setting  no  longer  applies  to  it.  You  must  explicitly  enter  a  user  account  and 
password  for  the  task.  ##  Examples  To  display  a  list  of  commands  scheduled  on  the  Marketing  server,  type:  at 
Wmarketing  To  learn  more  about  a  command  with  the  identification  number  3  on  the  Corp  server,  type:  at 
\\corp  3  To  schedule  a  net  share  command  to  run  on  the  Corp  server  at  8:00  A.M.  and  redirect  the  listing  to  the 
Maintenance  server,  in  the  Reports  shared  directory,  and  the  Corp.txt  file,  type:  at  \\corp  08:00  cmd  /c  "net 
share  reports=d:\marketing\reports  >>  \\maintenance\reports\corp.txt"  To  back  up  the  hard  drive  of  the 
Marketing  server  to  a  tape  drive  at  midnight  every  five  days,  create  a  batch  program  called  Archive.cmd,  which 
contains  the  backup  commands,  and  then  schedule  the  batch  program  to  run,  type:  at  Wmarketing  00:00 
/every:5,1 0,1 5,20,25,30  archive  To  cancel  all  commands  scheduled  on  the  current  server,  clear  the  at  schedule 
information  as  follows:  at  /delete  To  run  a  command  that  is  not  an  executable  (that  is,  .exe)  file,  precede  the 
command  with  cmd  /c  to  load  Cmd.exe  as  follows:  cmd  /c  dir  >  c:\test.out 


atmadm 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Monitors  connections  and  addresses  that  are  registered  by  the  atM  call  Manager  on  an  asynchronous  transfer 

mode  (atM)  network.  You 

can  use  atmadm  to  display  statistics  for  incoming  and  outgoing  calls  on  atM  adapters. 

Used  without  parameters,  atmadm  displays  statistics  for  monitoring  the  status  of  active  atM  connections. 

Syntax 

atmadm  [/c][/a][/s] 

Parameters 

PARAMETER 

DESCRIPTION 

/c 

Displays  call  information  for  all  current  connections  to  the  atM 
network  adapter  installed  on  this  computer. 

/a 

Displays  the  registered  atM  network  service  access  point 
(NSAP)  address  for  each  adapter  installed  in  this  computer. 

/s 

Displays  statistics  for  monitoring  the  status  of  active  atM 
connections. 

/?  Displays  help  at  the  command  prompt. 


remarks 

•  The  atmadm  /c  command  produces  output  similar  to  the  following: 

Windows  atM  call  Manager  Statistics  atM  Connections  on  Interface  :  [009]  Olicom  atM  PCI  155  Adapter 
Connection  VPI/VCI  remote  address/  Media  Parameters  (rates  in  bytes/sec)  In  PMP  SVC  0/193 
47000580FFE1000000F 2 1A2E 18002048 1A2E180B  Tx:UBR,Peak  0,Avg  0, MaxSdu  1516  Rx:UBR,Peak  16953936, Avg 
16953936, MaxSdu  1516  Out  P-P  SVC  0/192  47000580FFE1000000F21A2E180020481A2E180B  Tx:UBR,Peak  16953936, Avg 
16953936, MaxSdu  1516  Rx:UBR,Peak  16953936, Avg  16953936, MaxSdu  1516  In  PMP  SVC  0/191 
47000580FFE1000000F 2 1A2E 18002048 1A2E180B  Tx:UBR,Peak  0,Avg  0, MaxSdu  1516  Rx:UBR,Peak  16953936, Avg 
16953936, MaxSdu  1516  Out  P-P  SVC  0/190  47000580FFE1000000F21A2E180020481A2E180B  Tx:UBR,Peak  16953936, Avg 
16953936, MaxSdu  1516  Rx:UBR,Peak  16953936, Avg  16953936, MaxSdu  1516  In  P-P  SVC  0/475 
47000580FFE1000000F21A2E180000C110081501  Tx:UBR,Peak  16953984, Avg  16953984,MaxSdu  9188  Rx:UBR,Peak 
16953936, Avg  16953936, MaxSdu  9188  Out  PMP  SVC  0/194  47000580FFE1000000F21A2E180000C110081501  (0)  Tx:UBR,Peak 
16953984, Avg  16953984,MaxSdu  9180  Rx:UBR,Peak  0,Avg  0, MaxSdu  0  Out  P-P  SVC  0/474 
4700918100000000613E5BFE010000C110081500  Tx:UBR,Peak  16953984, Avg  16953984,MaxSdu  9188  Rx:UBR,Peak 
16953984, Avg  16953984, MaxSdu  9188  In  PMP  SVC  0/195  47000580FFE1000000F21A2E180000C110081500  Tx:UBR,Peak  0,Avg 
0, MaxSdu  0  Rx : UBR, Peak  16953936, Avg  16953936, MaxSdu  9180 

The  following  table  contains  descriptions  of  each  element  in  the  atmadm  /c  sample  output.  |type  of 

Data|Screen  Display| Description!  I . I' . I . ‘I  (Connection  lnformation|ln/Out|direction  of  the  call. 

In  is  to  the  atM  network  adapter  from  another  device.  Out  is  from  the  atM  network  adapter  to  another  device.| 
||PMP|Point-to-multipoint  cal l.|  ||P-P|Point-to-point  call.|  ||SVC|Connection  is  on  a  switched  virtual  circuit.! 
||PVC|Connection  is  on  a  permanent  virtual  circuit.!  | V P I /V C I  lnformation|VPI/VCI|Virtual  path  and  virtual 
channel  of  the  incoming  or  outgoing  call.|  |remote  address/Media 

Parameters|47000580FFE1 000000F21 A2E1 80000C1 1 0081 500|NSAP  address  of  the  calling  (In)  or  called 


(Out)  atM  device.|  ||Tx|The  Tx  parameter  includes  the  following  three  elements: 


-  Default  or  specified  bit-rate  type  (UBR,  CBR,  VBR,  or  ABR) 

-  Default  or  specified  line  speed 

-  Specified  service  data  unit  (SDU)  size|  ||Rx|The  Rx  parameter  includes  the  following  three  elements: 

-  Default  or  specified  bit-rate  type  (UBR,  CBR,  VBR,  or  ABR) 

-  Default  or  specified  line  speed 

-  Specified  SDU  size| 

The  atmadm  /a  command  produces  output  similar  to  the  following: 

Windows  atM  call  Manager  Statistics  atM  addresses  for  Interface  :  [009]  Olicom  atM  PCI  155  Adapter 
47000  580FFE1000000F  2 1A2E180000C1 10081 500 

The  atmadm  /s  command  produces  output  similar  to  the  following: 

Windows  atM  call  Manager  Statistics  atM  call  Manager  statistics  for  Interface  :  [009]  Olicom  atM  PCI  155 
Adapter  Current  active  calls  =  4  Total  successful  Incoming  calls  =  1332  Total  successful  Outgoing  calls  = 

1297  Unsuccessful  Incoming  calls  =  1  Unsuccessful  Outgoing  calls  =  1  calls  Closed  by  remote  =  1302  calls 
Closed  Locally  =  1323  Signaling  and  ILMI  Packets  Sent  =  33655  Signaling  and  ILMI  Packets  Received  =  34989 

The  following  table  contains  descriptions  of  each  element  in  the  atmadm  /s  sample  output.  |call  Manager 

Statistic! Description!  i . I" . I  (Current  active  calls|calls  currently  active  on  the  atM  adapter  installed 

on  this  computer.!  |Total  successful  Incoming  calls|calls  successfully  received  from  other  devices  on  this  atM 

network.!  | Total  successful  Outgoing  calls|calls  successfully  completed  to  other  atM  devices  on  this  network 

from  this  computer.!  (Unsuccessful  Incoming  calls|lncoming  calls  that  failed  to  connect  to  this  computer.! 

[Unsuccessful  Outgoing  calls|Outgoing  calls  that  failed  to  connect  to  another  device  on  the  network. |  |cal Is 

Closed  by  remote|calls  closed  by  a  remote  device  on  the  network.!  |calls  Closed  Locally|calls  closed  by  this 

computer.!  (Signaling  and  ILMI  Packets  Sent|Number  of  integrated  local  management  interface  (ILMI)  packets 

sent  to  the  switch  to  which  this  computer  is  attempting  to  connect.!  (Signaling  and  ILMI  Packets 

Received|Number  of  ILMI  packets  received  from  the  atM  switch. |  ##  Examples  To  display  call  information  for  all 

current  connections  to  the  atM  network  adapter  installed  on  this  computer,  type:  atmadm  /c  To  display  the 

registered  atM  network  service  access  point  (NSAP)  address  for  each  adapter  installed  in  this  computer,  type: 

atmadm  /a  To  display  statistics  for  monitoring  the  status  of  active  atM  connections,  type:  atmadm  /s  ## 

additional  references 

Command-Line  Syntax  Key 


attrib 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 

Displays,  sets,  or  removes  attributes  assigned  to  files  or  directories.  If  used  without  parameters,  attrib  displays 

attributes  of  all  files  in  the  current  directory. 

For  examples  of  how  to  use  this  command,  see  Exampf 

es. 

Syntax 

attrib  [{+| -}r ]  [{+| -}a]  [{+| -}s]  [{+|-}h]  [{+| -}i] 

[<Drive>: ] [<Path>] [<FileName>]  [/s  [/d]  [/!]] 

Parameters 

PARAMETER 

DESCRIPTION 

{  + 

-}r 

{  + 

-}a 

{  + 

-Is 

{  + 

-Ih 

{  + 

-}i 

[<  Drives :][][] 

Specifies  the  location  and  name  of  the  directory,  file,  or  group 
of  files  for  which  you  want  to  display  or  change  attributes.  You 
can  use  the  ?  and  *  wildcard  characters  in  the  FileName 
parameter  to  display  or  change  the  attributes  for  a  group  of 
files. 

/s 

Applies  attrib  and  any  command-line  options  to  matching 
files  in  the  current  directory  and  all  of  its  subdirectories. 

/d 

Applies  attrib  and  any  command-line  options  to  directories. 

/I 

Applies  attrib  and  any  command-line  options  to  the  Symbolic 
Link,  rather  than  the  target  of  the  Symbolic  Link. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  You  can  use  wildcard  characters  (?  and  *)  with  the  FileName  parameter  to  display  or  change  the  attributes  for  a 
group  of  files. 

•  If  a  file  has  the  System  (s)  or  Hidden  (h)  attribute  set,  you  must  clear  the  attribute  before  you  can  change  any 
other  attributes  for  that  file. 

•  The  Archive  attribute  (a)  marks  files  that  have  changed  since  the  last  time  they  were  backed  up.  Note  that  the 


xcopy  command  uses  archive  attributes. 


Examples 

To  display  the  attributes  of  a  file  named  News86  that  is  located  in  the  current  directory,  type: 

attrib  news86 


To  assign  the  Read-only  attribute  to  the  file  named  Report.txt,  type: 

attrib  +r  report.txt 


To  remove  the  Read-only  attribute  from  files  in  the  Public  directory  and  its  subdirectories  on  a  disk  in  drive  B,  type: 

attrib  -r  b :\public\*. *  /s 


To  set  the  Archive  attribute  for  all  files  on  drive  A,  and  then  clear  the  Archive  attribute  for  files  with  the  .bak 
extension,  type: 

attrib  +a  a:*.*  &  attrib  -a  a:*. bak 


auditpol 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  information  about  and  performs  functions  to  manipulate  audit  policies. 

For  examples  of  how  this  command  can  be  used,  see  the  Examples  section  in  each  topic. 

Syntax 

Auditpol  command  [<sub-commandxoptions>] 


Parameters 

SUBCOMMAND  DESCRIPTION 


/get 

Displays  the  current  audit  policy. 

See  Auditpol  get  for  syntax  and  options. 

/set 

Sets  the  audit  policy. 

See  Auditpol  set  for  syntax  and  options. 

/list 

Displays  selectable  policy  elements. 

See  Auditpol  list  for  syntax  and  options. 

/backup 

Saves  the  audit  policy  to  a  file. 

See  Auditpol  backup  for  syntax  and  options. 

/restore 

Restores  the  audit  policy  from  a  file  that  was  previously 
created  by  using  auditpol  /backup. 

See  Auditpol  restore  for  syntax  and  options. 

/clear 

Clears  the  audit  policy. 

See  Auditpol  clear  for  syntax  and  options. 

/remove 

Removes  all  per-user  audit  policy  settings  and  disables  all 
system  audit  policy  settings. 

See  Auditpol  remove  for  syntax  and  options. 

/resourceSACL 

Configures  global  resource  system  access  control  lists  (SACLs). 
Note:  Applies  only  to  Windows  7  and  Windows  Server  2008 

R2. 

See  Auditpol  resourceSACL. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

The  audit  policy  command-line  tool  can  be  used  to: 


•  Set  and  query  a  system  audit  policy. 


•  Set  and  query  a  per-user  audit  policy. 

•  Set  and  query  auditing  options. 

•  Set  and  query  the  security  descriptor  used  to  delegate  access  to  an  audit  policy. 

•  Report  or  back  up  an  audit  policy  to  a  comma-separated  value  (CSV)  text  file. 

•  Load  an  audit  policy  from  a  CSV  text  file. 

•  Configure  global  resource  SACLs. 

Additional  references 

Command-Line  Syntax  Key 


autochk 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Runs  when  the  computer  is  started  and  prior  to  Windows  Server®  2008  R2  starting  to  verify  the  logical  integrity 

of  a  file  system. 

Autochk.exe  is  a  version  of  Chkdsk  that  runs  only  on  NTFS  disks  and  only  before  Windows  Server  2008  R2 

starts.  Autochk  cannot  be  run  directly  from  the  command-line.  Instead,  Autochk  runs  in  the  following  situations: 

•  If  you  try  to  run  Chkdsk  on  the  boot  volume 

•  If  Chkdsk  cannot  gain  exclusive  use  of  the  volume 

•  If  the  volume  is  flagged  as  dirty 

Remarks 

•  [IWARNING]  The  Autochk  command-line  tool  cannot  be  directly  run  from  the  command-line.  Instead,  use 
the  Chkntfs  command-line  tool  to  configure  the  way  you  want  Autochk  to  run  at  startup. 

•  You  can  use  Chkntfs  with  the  /x  parameter  to  prevent  Autochk  from  running  on  a  specific  volume  or 
multiple  volumes. 

•  Use  the  Chkntfs.exe  command-line  tool  with  the  /t  parameter  to  change  the  Autochk  delay  from  0 
seconds  to  up  to  3  days  (259,200  seconds).  However,  a  long  delay  means  that  the  computer  does  not  start 
until  the  time  elapses  or  until  you  press  a  key  to  cancel  Autochk. 


Additional  references 

Command-Line  Syntax  Key 

Chkdsk 

Chkntfs 


Troubleshooting  Disks  and  File  Systems 


autoconv 


1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

converts  file  allocation  table  (Fat)  and  Fat32  volumes  to  the  NTFS  file  system,  leaving  existing  files  and  directories 
intact  at  startup  after  autochk  runs,  volumes  converted  to  the  NTFS  file  system  cannot  be  converted  back  to  Fat  or 
Fat32. 

remarks 

You  cannot  run  autoconv  on  the  command-line.  This  will  only  be  run  at  startup,  if  set  through  convert.exe. 

additional  references 

Command-Line  Syntax  Key  autochk  convert  Working  with  File  Systems 


autofmt 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Formats  a  drive  or  partition  when  called  from  the  Windows  Recovery  Console. 

Remarks 

You  cannot  run  Autofmt  directly  from  the  command-line. 

Additional  references 

Command-Line  Syntax  Key 

Working  with  File  Systems 


bed  boot 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Enables  you  to  quickly  set  up  a  system  partition,  or  to  repair  the  boot  environment  located  on  the  system  partition. 
The  system  partition  is  set  up  by  copying  a  simple  set  of  Boot  Configuration  Data  (BCD)  files  to  an  existing  empty 
partition. 

For  more  information  about  BCDboot,  including  information  on  where  to  find  BCDboot  and  examples  of  how  to 
use  this  command,  see  the  BCDboot  Command-Line  Options  topic. 

Syntax 

bedboot  <source>  [ /I ]  [/s ] 

Parameters 

PARAMETER  DESCRIPTION 

source  Specifies  the  location  of  the  Windows  directory  to  use  as  the 

source  for  copying  boot  environment  files. 

/I  Specifies  the  locale.  The  default  locale  is  US  English. 


/s 


Specifies  the  volume  letter  of  the  system  partition.  The  default 
is  the  system  partition  identified  by  the  firmware. 


Examples 

For  more  examples  of  how  to  use  this  command,  see  the  BCDboot  Command-Line  Options  topic. 

Additional  references 


Command-Line  Syntax  Key 


bcdedit 

4/1 3/2018  •  4  min  to  read  •  Edit  Online 


Boot  Configuration  Data  (BCD)  files  provide  a  store  that  is  used  to  describe  boot  applications  and  boot  application 
settings.  The  objects  and  elements  in  the  store  effectively  replace  Boot.ini. 

BCDEdit  is  a  command-line  tool  for  managing  BCD  stores.  It  can  be  used  for  a  variety  of  purposes,  including 
creating  new  stores,  modifying  existing  stores,  adding  boot  menu  parameters,  and  so  on.  BCDEdit  serves 
essentially  the  same  purpose  as  Bootcfg.exe  on  earlier  versions  of  Windows,  but  with  two  major  improvements: 

•  Exposes  a  wider  range  of  boot  parameters  than  Bootcfg.exe. 

•  Has  improved  scripting  support. 


NOTE 

Administrative  privileges  are  required  to  use  BCDEdit  to  modify  BCD. 


BCDEdit  is  the  primary  tool  for  editing  the  boot  configuration  of  Windows  Vista  and  later  versions  of  Windows.  It 
is  included  with  the  Windows  Vista  distribution  in  the  %WINDIR%\System32  folder. 

BCDEdit  is  limited  to  the  standard  data  types  and  is  designed  primarily  to  perform  single  common  changes  to 
BCD.  For  more  complex  operations  or  nonstandard  data  types,  consider  using  the  BCD  Windows  Management 
Instrumentation  (WMI)  application  programming  interface  (API)  to  create  more  powerful  and  flexible  custom  tools. 

Syntax 

BCDEdit  /Command  [<Argumentl>]  [<Argument2>]  ... 


Parameters 

General  BCDEdit  Command-Line  Option 

OPTION  DESCRIPTION 


/?  Displays  a  list  of  BCDEdit  commands.  Running  this  command 

without  an  argument  displays  a  summary  of  the  available 
commands.  To  display  detailed  help  for  a  particular  command, 
run  bcdedit/?  <command>,  where  is  the  name  of  the 
command  you  are  searching  for  more  information  about.  For 
example,  bcdedit/?  createstore  displays  detailed  help  for  the 
Createstore  command. 


Parameters  that  Operate  on  a  Store 

OPTION  DESCRIPTION 


/createstore 


Creates  a  new  empty  boot  configuration  data  store.  The 
created  store  is  not  a  system  store. 


OPTION 


DESCRIPTION 


/export 

Exports  the  contents  of  the  system  store  into  a  file.  This  file 
can  be  used  later  to  restore  the  state  of  the  system  store.  This 
command  is  valid  only  for  the  system  store. 

/import 

Restores  the  state  of  the  system  store  by  using  a  backup  data 
file  previously  generated  by  using  the  /export  option.  This 
command  deletes  any  existing  entries  in  the  system  store 
before  the  import  takes  place.  This  command  is  valid  only  for 
the  system  store. 

/store 

This  option  can  be  used  with  most  BCDedit  commands  to 
specify  the  store  to  be  used.  If  this  option  is  not  specified,  then 
BCDEdit  operates  on  the  system  store.  Running  the  bcdedit 
/store  command  by  itself  is  equivalent  to  running  the 

bcdedit /enum  active  command. 

Parameters  that  Operate  on  Entries  in  a  Store 

PARAMETER 

DESCRIPTION 

/copy 

Makes  a  copy  of  a  specified  boot  entry  in  the  same  system 
store. 

/create 

Creates  a  new  entry  in  the  boot  configuration  data  store.  If  a 
well-known  identifier  is  specified,  then  the  /application, 

/inherit,  and  /device  parameters  cannot  be  specified.  If  an 
identifier  is  not  specified  or  not  well  known,  an  /application, 
/inherit,  or  /device  option  must  be  specified. 

/delete 

Deletes  an  element  from  a  specified  entry. 

Parameters  that  Operate  on  Entry  Options 

PARAMETER 

DESCRIPTION 

/deletevalue 

Deletes  a  specified  element  from  a  boot  entry. 

/set 

Sets  an  entry  option  value. 

Parameters  that  Control  Output 

PARAMETER 

DESCRIPTION 

/enum 

Lists  entries  in  a  store.  The  /enum  option  is  the  default  value 
for  BCEdit,  so  running  the  bcdedit  command  without 
parameters  is  equivalent  to  running  the  bcdedit  /enum 
active  command. 

/v 

Verbose  mode.  Usually,  any  well-known  entry  identifiers  are 
represented  by  their  friendly  shorthand  form.  Specifying  /v  as 
a  command-line  option  displays  all  identifiers  in  full.  Running 
the  bcdedit /v  command  by  itself  is  equivalent  to  running  the 

bcdedit /enum  active  /v  command. 

Parameters  that  Control  the  Boot  Manager 


PARAMETER 


DESCRIPTION 


/bootsequence 

Specifies  a  one-time  display  order  to  be  used  for  the  next 
boot.  This  command  is  similar  to  the  /displayorder  option, 
except  that  it  is  used  only  the  next  time  the  computer  starts. 
Afterwards,  the  computer  reverts  to  the  original  display  order. 

/default 

Specifies  the  default  entry  that  the  boot  manager  selects  when 
the  timeout  expires. 

/displayorder 

Specifies  the  display  order  that  the  boot  manager  uses  when 
displaying  boot  parameters  to  a  user. 

/timeout 

Specifies  the  time  to  wait,  in  seconds,  before  the  boot 
manager  selects  the  default  entry. 

/toolsdisplayorder 

Specifies  the  display  order  for  the  boot  manager  to  use  when 
displaying  the  Tools  menu. 

Parameters  that  Control  Emergency  Management  Services 


PARAMETER 

DESCRIPTION 

/bootems 

Enables  or  disables  Emergency  Management  Services  (EMS) 
for  the  specified  entry. 

/ems 

Enables  or  disables  EMS  for  the  specified  operating  system 
boot  entry. 

/emssettings 

Sets  the  global  EMS  settings  for  the  computer,  /emssettings 
does  not  enable  or  disable  EMS  for  any  particular  boot  entry. 

Parameters  that  Control  Debugging 


PARAMETER 

DESCRIPTION 

/bootdebug 

Enables  or  disables  the  boot  debugger  for  a  specified  boot 
entry.  Although  this  command  works  for  any  boot  entry,  it  is 
effective  only  for  boot  applications. 

/dbgsettings 

Specifies  or  displays  the  global  debugger  settings  for  the 
system.  This  command  does  not  enable  or  disable  the  kernel 
debugger;  use  the  /debug  option  for  that  purpose.  To  set  an 
individual  global  debugger  setting,  use  the  bcdedit  /set 
<dbgsettings>  command. 

/debug 

Enables  or  disables  the  kernel  debugger  for  a  specified  boot 
entry. 

Examples 

For  examples  of  BCDEdit,  see  the  BCDEdit  Options  Reference. 


bdehdcfg 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Prepares  a  hard  drive  with  the  partitions  necessary  for  BitLocker  Drive  Encryption.  Most  installations  of  Windows 
7  will  not  need  to  use  this  tool  because  BitLocker  setup  includes  the  ability  to  prepare  and  repartition  drives  as 
required. 


WARNING 

There  is  a  known  conflict  with  the  Deny  write  access  to  fixed  drives  not  protected  by  BitLocker  Group  Policy  setting 
located  in  Computer  Configuration\Administrative  Templates\Windows  Components\BitLocker  Drive 
Encryption\Fixed  Data  Drives. 

>  If  Bdehdcfg  is  run  on  a  computer  when  this  policy  setting  is  enabled,  you  may  encounter  the  following  issues: 

>  -  If  you  attempted  to  shrink  the  drive  and  create  the  system  drive,  the  drive  size  will  be  successfully  reduced  and  a  raw 
partition  will  be  created.  However,  the  raw  partition  will  not  be  formatted.  The  following  error  message  is  displayed:  "The  new 
active  Drive  cannot  be  formatted.  You  may  need  to  manually  prepare  your  drive  for  BitLocker." 

>  -  If  you  attempted  to  use  unallocated  space  to  create  the  system  drive,  a  raw  partition  will  be  created.  However,  the  raw 
partition  will  not  be  formatted.  The  following  error  message  is  displayed:  "The  new  active  Drive  cannot  be  formatted.  You  may 
need  to  manually  prepare  your  drive  for  BitLocker." 

>  -  If  you  attempted  to  merge  an  existing  drive  into  the  system  drive,  the  tool  will  fail  to  copy  the  required  boot  file  onto  the 
target  drive  to  create  the  system  drive.  The  following  error  message  is  displayed:  "BitLocker  setup  failed  to  copy  boot  files. 

You  may  need  to  manually  prepare  your  drive  for  BitLocker." 

>  If  this  policy  setting  is  being  enforced,  a  hard  drive  cannot  be  repartitioned  because  the  drive  is  protected.  If  you  are 
upgrading  computers  in  your  organization  from  a  previous  version  of  Windows  and  those  computers  were  configured  with  a 
single  partition,  you  should  create  the  required  BitLocker  system  partition  before  applying  the  policy  setting  to  the 
computers. 


For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

bdehdcfg  [a€"driveinfo  <Drivel_etter>]  [-target  {default | unallocated | <DriveLetter>  shrink | <DriveLetter>  merge}] 
[a€"newdriveletter]  [a€"size  <SizeinMB>]  [-quiet] 


Parameters 

PARAMETER 


DESCRIPTION 


Bdehdcfg:  driveinfo  Displays  the  drive  letter,  the  total  size,  the  maximum  free 

space,  and  the  partition  characteristics  of  the  partitions  on  the 
drive  specified.  Only  valid  partitions  are  listed.  Unallocated 
space  is  not  listed  if  four  primary  or  extended  partitions 
already  exist. 


Bdehdcfg:  target 


Defines  which  portion  of  a  drive  to  use  as  the  system  drive 
and  makes  the  portion  active. 


Bdehdcfg:  newdriveletter 


Assigns  a  new  drive  letter  to  the  portion  of  a  drive  used  as  the 
system  drive. 


PARAMETER 


DESCRIPTION 


Bdehdcfg:  size 


Determines  the  size  of  the  system  partition  when  a  new 
system  drive  is  being  created. 


Bdehdcfg:  quiet  Prevents  the  display  of  all  actions  and  errors  in  the  command¬ 

line  interface  and  directs  Bdehdcfg  to  use  the  "Yes"  answer  to 
any  Yes/No  prompts  that  may  occur  during  subsequent  drive 
preparation. 


Bdehdcfg:  restart 


Directs  the  computer  to  restart  after  the  drive  preparation  has 
finished. 


/?  Displays  Help  at  the  command  prompt. 

Examples 

The  following  example  depicts  Bdehdcfg  being  used  with  the  default  drive  to  create  a  system  partition  of  500  MB. 
Because  no  drive  letter  is  specified,  the  new  system  partition  will  not  have  a  drive  letter. 

bdehdcfg  -target  default  -size  500 

The  following  example  depicts  Bdehdcfg  being  used  with  the  default  drive  to  create  a  system  partition  (P:)  of  the 
default  size  of  300  M  B  out  of  unallocated  space  on  the  drive.  The  tool  will  not  prompt  the  user  for  any  further  input 
nor  will  any  errors  be  displayed.  After  the  system  drive  has  been  created,  the  computer  will  automatically  restart 

bdehdcfg  -target  unallocated  a€“newdriveletter  P:  -quiet  -restart 

Additional  references 


•  Command-Line  Syntax  Key 


bitsadmin 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

bitsadmin  is  a  command-line  tool  that  you  can  use  to  create  download  or  upload  jobs  and  monitor  their  progress. 

Commands 

bitsadmin  addfile  bitsadmin  addfileset  bitsadmin  addfilewithranges  bitsadmin  cancel  bitsadmin  complete 
bitsadmin  create  bitsadmin  getaclflags  bitsadmin  getbytestotal  bitsadmin  getbytestransferred  bitsadmin 
getcompletiontime  bitsadmin  getcreationtime  bitsadmin  getdescription  bitsadmin  getdisplayname  bitsadmin 
geterror  bitsadmin  geterrorcount  bitsadmin  getfilestotal  bitsadmin  getfilestransferred  bitsadmin  getminretrydelay 
bitsadmin  getmodificationtime  bitsadmin  getnoprogresstimeout  bitsadmin  getnotifycmdline  bitsadmin 
getnotifyflags  bitsadmin  getnotifyinterface  bitsadmin  getowner  bitsadmin  get  priority  bitsadmin  getproxybypasslist 
bitsadmin  getproxylist  bitsadmin  getproxyusage  bitsadmin  getreplydata  bitsadmin  getreplyfilename  bitsadmin 
getreplyprogress  bitsadmin  getstate  bitsadmin  gettype  bitsadmin  help  bitsadmin  info  bitsadmin  list  bitsadmin 
listfiles  bitsadmin  monitor  bitsadmin  nowrap  bitsadmin  rawreturn  bitsadmin  removecredentials  bitsadmin 
replaceremoteprefix  bitsadmin  reset  bitsadmin  resume  bitsadmin  setaclflag  bitsadmin  setcredentials  bitsadmin 
setdescription  bitsadmin  setdisplayname  bitsadmin  setminretrydelay  bitsadmin  setnoprogresstimeout  bitsadmin 
setnotifycmdline  bitsadmin  setnotifyflags  bitsadmin  setpriority  bitsadmin  setproxysettings  bitsadmin 
setreplyfilename  bitsadmin  suspend  bitsadmin  takeownership  bitsadmin  Transfer  bitsadmin  util  bitsadmin  wrap 


bitsadmin  addfile 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  a  file  to  the  specified  job. 

Syntax 

bitsadmin  /AddFile  <Job>  <RemoteURL>  <LocalName> 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

RemoteURL 

The  URL  of  the  file  on  the  server. 

Local  Name 

The  name  of  the  file  on  the  local  computer.  LocalName  must 
contain  an  absolute  path  to  the  file. 

Examples 

Add  a  file  to  the  job.  Repeat  this  call  for  each  file  you  want  to  add.  If  multiple  jobs  use  myDownloadJob  as  their 
name,  you  must  replace  myDownloadJob  with  the  job's  GUID  to  uniquely  identify  the  job. 

C:\>bitsadmin  /addfile  myDownloadJob  http: 

: //down loads nv/10mb .zip  c : \10mb . zip 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  addfileset 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  one  or  more  files  to  the  specified  job. 

Syntax 

bitsadmin  /addfileset  <3ob>  <TextFile> 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

TextFile 

A  text  file  containing  remote  and  local  file  names. 

Note:  The  names  are  space-delimited.  Lines  that  begin  with  a 
#  character  are  treated  as  a  comment. 

Examples 

C:\>bitsadmin  /addfileset  files.txt 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  addfilewithranges 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  a  file  to  the  specified  job.  BITS  downloads  the  specified  ranges  from  the  remote  file. 

Syntax 

bitsadmin  /AddFileWithRanges  <Job> 

<RemoteURL>  <LocalName>  <RangeList> 

Parameters 

PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

RemoteURL 

RemoteURL  is  the  URL  of  the  file  on  the  server. 

Local  Name 

LocalName  is  the  name  of  the  file  on  the  local  computer. 
LocalName  must  contain  an  absolute  path  to  the  file. 

RangeList 

RangeList  is  a  comma-delimited  list  of  offset  and  length  pairs. 

Use  a  colon  to  separate  the  offset  value  from  the  length  value. 

More  Information 

•  The  token  eof  is  a  valid  length  value  within  the  offset  and  length  pairs  in  the  <RangeList>.  It  instructs  the 
service  to  read  to  the  end  of  the  specified  file. 

•  Note  that  AddFileWithRanges  will  fail  with  error  code  0x8020002c  when  a  zero-length  range  is  specified 
along  with  another  range  with  same  offset,  such  as:  C:\bits>bitsadmin  /addfilewithranges  j2 

http://bitsdc/dload/1  k.zip  c:\1  k.zip  1 00:0,1 00:5 

Error  message:  Unable  to  add  file  to  job  -  0x8020002c.  The  list  of  byte  ranges  contains  some  overlapping 
ranges,  which  are  not  supported. 

Workaround:  do  not  specify  the  zero-length  range  first.  For  example:  bitsadmin  /addfilewithranges  j2 

http://bitsdc/dload/1  k.zip  c:\1  k.zip  1 00:5,1 00:0. 

Examples 

The  following  example  tells  BITS  to  transfer  100  bytes  from  offset  0, 1 00  bytes  from  offset  2000,  and  the 
remaining  bytes  from  offset  5000  to  the  end  of  the  file. 

C:\>bitsadmin  /addfilewithranges  http://downloadsrv/10mb.zip  c:\10mb.zip  "0 : 100, 2000: 100, 5000: eof" 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  cancel 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Removes  the  job  from  the  transfer  queue  and  deletes  all  temporary  files  associated  with  the  job. 

Syntax 

bitsadmin  /cancel  Oob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  removes  the  myDownloadJob  job  from  the  transfer  queue. 

C:\>bitsadmin  /cancel  myDownloadlob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  complete 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Completes  the  job.  The  downloaded  files  are  not  available  to  you  until  you  use  this  switch.  Use  this  switch  after  the 
job  moves  to  the  transferred  state.  Otherwise,  only  those  files  that  have  been  successfully  transferred  are  available. 

Syntax 

bitsadmin  /complete  Oob> 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

When  the  state  of  the  job  is  TRANSFERRED,  BITS  has  successfully  transferred  all  files  in  the  job.  However,  the  files 
are  not  available  until  you  use  the  /complete  switch.  If  multiple  jobs  use  myDownloadJob  as  their  name,  you  must 
replace  myDownloadJob  with  the  job's  GUID  to  uniquely  identify  thejob. 

C:\>bitsadmin  /complete  myDownloadlob 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  create 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


creates  a  transfer  job  with  the  given  display  name. 

Syntax 

bitsadmin  /create  [type]  DisplayName 


Parameters 

PARAMETER  DESCRIPTION 

type  -  /Download  transfers  data  from  a  server  to  a  local  file. 

-  /Upload  transfers  data  from  a  local  file  to  a  server. 

-  /Upload- Reply  transfers  data  from  a  local  file  to  a  server 
and  receives  a  reply  file  from  the  server. 

-  This  parameter  defaults  to  /Download  when  not  specified 
on  the  command  line. 


DisplayName 


The  display  name  assigned  to  the  newly  created  job. 


Use  the  bitsadmin  resume  switch  to  activate  the  job  in  the  transfer  queue. 

Examples 

creates  a  download  job  named  myDownloadJob. 

C:\>bitsadmin  /create  myDownloadJob 


additional  references 


Command-Line  Syntax  Key 


bitsadmin  getaclflags 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  access  control  list  propagations  flags. 

Syntax 

bitsadmin  /GetAclFlags  <iob> 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Remarks 

Displays  one  or  more  of  the  following  flag  values: 

•  O:  Copy  owner  information  with  file. 

•  G:  Copy  group  information  with  file. 

•  D:  Copy  DACL  information  with  file. 

•  S:  Copy  SACL  information  with  file. 

Examples 

The  following  example  retrieves  the  access  control  list  propagation  flags  for  the  job  named  myDownloadJob. 
C:\>bitsadmin  /getaclflags  myDownloadlob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getbytestotal 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  size  of  the  specified  job 

Syntax 

bitsadmin  /GetBytesTotal  <Job> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  size  of  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetBytesTotal  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getbytestransferred 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  number  of  bytes  transferred  for  the  specified  job. 

Syntax 

bitsadmin  /GetBytesTransferred  <Job> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  number  of  bytes  transferred  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetBytesTransferred  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getcompletiontime 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  time  that  the  job  finished  transferring  data. 

Syntax 

bitsadmin  /GetCompletionTime  <Dob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  time  that  the  job  named  myDownloadJob  finished  transferring  data. 

C:\>bitsadmin  /GetCompletionTime  myDownloadDob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getcreationtime 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  creation  time  for  the  specified  job. 

Syntax 

bitsadmin  /GetCreationTime  <3ob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  creation  time  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetCreationTime  myDownloadtob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getdescription 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  description  of  the  specified  job. 

Syntax 

bitsadmin  /GetDescription  <Job> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  description  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetDescription  myDownloadiob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getdisplayname 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  display  name  of  the  specified  job. 

Syntax 

bitsadmin  /GetDisplayName  <Job> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Examples 

The  following  example  retrieves  the  display  name  for  thejob  named  myDownloadJob. 
C:\>bitsadmin  /GetDisplayName  myDownloadJob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  geterror 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  detailed  error  information  for  the  specified  job. 

Syntax 

bitsadmin  /GetError  <Job> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  error  information  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetError  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  geterrorcount 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  a  count  of  the  number  of  times  the  specified  job  generated  a  transient  error. 

Syntax 

bitsadmin  /GetErrorCount  <Dob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  error  count  information  for  thejob  named  myDownloadJob. 

C:\>bitsadmin  /GetErrorCount  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getfilestotal 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  number  of  files  in  the  specified  job. 

Syntax 

bitsadmin  /GetFilesTotal  <Dob> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Examples 

The  following  example  retrieves  the  number  of  files  included  in  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetFilesTotal  myDownloadJob 


# 


Command-Line  Syntax  Key  See  Also 


bitsadmin  getfilestransferred 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  number  of  files  transferred  for  the  specified  job. 

Syntax 

bitsadmin  /GetFilesTransferred  <Job> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  number  of  files  transferred  in  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetFilesTransferred  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getminretrydelay 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  length  of  time,  in  seconds,  that  the  service  waits  after  encountering  a  transient  error  before  trying  to 
transfer  the  file. 

Syntax 

bitsadmin  /GetMinRetryDelay  Oob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  minimum  retry  delay  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetMinRetryDelay  myDownloadiob 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  getmodificationtime 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  last  time  the  job  was  modified  or  data  was  successfully  transferred. 

Syntax 

bitsadmin  /GetModificationTime  <Job> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  last  modified  time  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetModificationTime  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getnoprogresstimeout 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  length  of  time,  in  seconds,  that  the  service  tries  to  transfer  the  file  after  a  transient  error  occurs 

Syntax 

bitsadmin  /GetNoProgressTimeout  <Job> 

Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  progress  time  out  value  for  the  job  named  myDownloadJob 
C:\>bitsadmin  /GetNoProgressTimeout  myDownloadiob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getnotifycmdline 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  command-line  command  that  is  ran  when  the  job  finishes  transferring  data. 

Syntax 

bitsadmin  /GetNotifyCmdLine  <3ob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  command-line  command  used  by  the  service  when  thejob  named 
myDownloadJob  completes. 

C:\>bitsadmin  /GetNotifyCmdLine  myDownloadDob 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  getnotifyflags 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  notify  flags  for  the  specified  job. 

Syntax 

bitsadmin  /GetNotifyFlags  <iob> 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Remarks 

The  job  can  contain  one  or  more  of  the  following  notification  flags. 

| - 1 - 1  |0x001  |Generate  an  event  when  all  files  in  the  job  have  been  transferred.!  |0x002|Generate  an  event 

when  an  error  occurs.!  |0x004|  Disable  notifications.!  |0x008|Generate  an  event  when  the  job  is  modified  or  transfer 
progress  is  made.| 

Examples 

The  following  example  retrieves  the  notify  flags  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetNotifyFlags  myDownloaddob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getnotifyi interface 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Determines  if  another  program  has  registered  a  COM  callback  interface  for  the  specified  job. 

Syntax 

bitsadmin  /GetNotifylnterface  Oob> 

Parameters 

PARAMETER 

Job 

Remarks 

Displays  REGISTERED  or  UNREGISTERED. 

NOTE 

It  is  not  possible  to  determine  the  program  that  registered  the  callback  interface. 

Examples 

The  following  example  retrieves  the  notify  interface  for  thejob  named  myDownloadJob. 
C:\>bitsadmin  /GetNotifylnterface  myDownloadJob 

Additional  references 


DESCRIPTION 

The  job's  display  name  or  GUID 


Command-Line  Syntax  Key 


bitsadmin  getowner 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  owner  of  the  specified  job. 

Syntax 

bitsadmin  /GetOwner  <Job> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  displays  the  owner  for  thejob  named  myDownloadJob. 

C:\>bitsadmin  /GetOwner  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  get  priority 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  priority  of  the  specified  job. 

Syntax 

bitsadmin  /GetPriority  <Job> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Remarks 

•  The  priority  is  either  FOREGROUND,  HIGH,  NORMAL,  LOW,  or  UNKNOWN. 

Examples 

The  following  example  retrieves  the  priority  for  the  job  named  myDownloadJob. 


C:\>bitsadmin  /GetPriority  myDownloadJob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  getproxybypasslist 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  proxy  bypass  list  for  the  specified  job. 

Syntax 

bitsadmin  /GetProxyBypassList  Oob> 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Remarks 

•  The  bypass  list  contains  the  host  names  or  I P  addresses,  or  both,  that  are  not  to  be  routed  through  a  proxy.  The 
list  can  contain  "<local>"  to  refer  to  all  servers  on  the  same  LAN.  The  list  can  be  semicolon  or  space-delimited. 

Examples 

The  following  example  retrieves  the  proxy  bypass  list  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /GetPnoxyBypassList  myDownloadiob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getproxylist 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  proxy  list  for  the  specified  job. 

Syntax 

bitsadmin  /GetProxyList  <Job> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Remarks 

•  The  proxy  list  is  the  list  of  proxy  servers  to  use.  The  list  is  comma-delimited. 

Examples 

The  following  example  retrieves  the  proxy  list  for  the  job  named  myDownloadJob. 


C:\>bitsadmin  /GetPnoxyList  myDownloadJob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  getproxyusage 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  proxy  usage  setting  for  the  specified  job. 

Syntax 

bitsadmin  /GetProxyUsage  <Dob> 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Remarks 

The  possible  values  are: 

•  PRECONFIG — use  the  owner's  Internet  Explorer  defaults. 

•  NO_PROXY — do  not  use  a  proxy  server. 

•  OVERRIDE — Use  an  explicit  proxy  list. 

•  AUTODETECT — Automatically  detect  the  proxy  settings. 

Examples 

The  following  example  retrieves  the  proxy  usage  for  thejob  named  myDownloadJob. 
C:\>bitsadmin  /GetPnoxyUsage  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  getreplydata 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  server's  reply  data  in  hexadecimal  format. 

Syntax 

bitsadmin  /GetReplyData  <Job> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Remarks 

Valid  only  for  upload-reply  jobs. 

Examples 

The  following  example  retrieves  the  reply  data  for  the  job  named  myDownloadJob. 


C:\>bitsadmin  /GetReplyData  myDownloadJob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  getreplyfilename 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Gets  the  path  of  the  file  that  contains  the  server  reply. 

Syntax 

bitsadmin  /GetReplyFileName  <iob> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Remarks 

Valid  only  for  upload-reply  jobs. 

Examples 

The  following  example  retrieves  the  reply  filename  for  the  job  named  myDownloadJob. 


C:\>bitsadmin  /GetReplyFileName  myDownloaddob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  getreply progress 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  size  and  progress  of  the  server  reply. 

Syntax 

bitsadmin  /GetReplyProgress  <3ob> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Remarks 

Valid  only  for  upload-reply  jobs. 

Examples 

The  following  example  retrieves  the  reply  progress  for  thejob  named  myDownloadJob. 


C:\>bitsadmin  /GetReplyProgress  myDownloadlob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  getstate 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  state  of  the  specified  job. 

Syntax 

bitsadmin  /Getstate  <Job> 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Remarks 

The  possible  states  are: 

| - 1 - 1  |QUEUED|Thejob  is  waiting  to  run.|  |CONNECTING|BITS  is  contacting  the  serverj 

|TRANSFERRING[BITS  is  transferring  data.|  |SUSPENDED|Thejob  is  paused. |  |ERROR|A  non-recoverable  error 
occurred;  the  transfer  will  not  be  retried. |  |TRANSIENT_ERROR|A  recoverable  error  occurred;  the  transfer  retries 
when  the  minimum  retry  delay  expires. |  |ACKNOWLEDGED|Thejob  was  completed. |  |CANCELED|Thejob  was 
canceled.! 

Examples 

The  following  example  retrieves  the  state  for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /Getstate  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  gettype 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  job  type  of  the  specified  job. 

Syntax 

bitsadmin  /Gettype  <Job> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Remarks 

The  type  can  be  DOWNLOAD,  UPLOAD,  UPLOAD-REPLY,  or  UNKNOWN. 

Examples 

The  following  example  retrieves  thejob  type  for  thejob  named  myDownloadJob. 


C:\>bitsadmin  /Gettype  myDownloadJob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  help 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  the  command-line  usage. 

Syntax 

bitsadmin  /help  |  /? 


Examples 

The  following  example  retrieves  the  command-line  help. 


C:\>bitsadmin  /help 


Additional  references 

Command-Line  Syntax  Key 


bitsadmin  info 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  summary  information  about  the  specified  job. 

Syntax 

bitsadmin  /Info  <]ob>  [/verbose] 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Remarks 

Use  the  /verbose  parameter  to  provide  detailed  information  about  the  job. 

Examples 

The  following  example  retrieves  information  about  the  job  named  myDownloadJob. 


C:\>bitsadmin  /Info  myDownloadlob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  list 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Lists  the  transfer  jobs  owned  by  the  current  user. 

Syntax 

bitsadmin  /List  [/allusers] [/verbose] 


Parameters 


PARAMETER 

DESCRIPTION 

/Allusers 

Optional — lists  jobs  for  all  users 

/Verbose 

Optional — provides  detail  information  for  each  job. 

Remarks 

You  must  have  administrator  privileges  to  use  the  /allusers  parameter 

Examples 

The  following  example  retrieves  information  aboutjobs  owned  by  the  current  user. 

C:\>bitsadmin  /List 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  listfiles 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Lists  the  files  in  the  specified  job. 

Syntax 

bitsadmin  /ListFiles  <Dob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  retrieves  the  list  of  files  for  the  job  named  myDownloadJob. 
C:\>bitsadmin  /GetNotifyFlags  myDownloadiob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  monitor 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Monitors  jobs  in  the  transfer  queue  that  the  current  user  owns. 

Syntax 

bitsadmin  /Monitor  [/allusers]  [/refresh  <Seconds>] 


Parameters 


PARAMETER 

DESCRIPTION 

Allusers 

Optional — monitors  jobs  for  all  users 

Refresh 

Optional — refreshes  the  data  at  an  interval  specified  by 
Seconds.  The  default  refresh  interval  is  five  seconds. 

Remarks 

•  You  must  have  administrator  privileges  to  use  the  Allusers  parameter. 

•  Use  CTRL  +  C  to  stop  the  refresh. 

Examples 

The  following  example  monitors  the  transfer  queue  for  jobs  owned  by  the  current  user  and  refreshes  the 
information  every  60  seconds. 

C : \>bitsadmin  /Monitor  /refesh  60 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  nowrap 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Truncates  any  line  of  output  text  extending  beyond  the  rightmost  edge  of  the  command  window. 

Syntax 

bitsadmin  /NoWrap 


Remarks 

By  default,  all  commands,  except  the  Monitor  command,  wrap  the  output.  Specify  the  NoWrap  command  before 
other  commands. 

Examples 

The  following  example  retrieves  the  state  for  the  job  named  myDownloadJob  and  does  not  wrap  the  output 

C:\>bitsadmin  /NoWrap  /GetState  myDownloadDob 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  rawreturn 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Returns  data  suitable  for  parsing. 

Syntax 

bitsadmin  /RawReturn 


Remarks 

Strips  new  line  characters  and  formatting  from  the  output. 

Typically,  you  use  this  command  in  conjunction  with  the  Create  and  Get\*  commands  to  receive  only  the  value. 
You  must  specify  this  command  before  other  commands. 

Examples 

The  following  example  retrieves  the  raw  data  for  the  state  of  the  job  named  myDownloadJob. 

C:\>bitsadmin  /RawReturn  /GetState  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  removecredentials 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Removes  credentials  from  a  job. 

Syntax 

bitsadmin  /RemoveCredentials  <Job>  <Target>  <Scheme> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Target 


SERVER  or  PROXY 


Scheme  One  of  the  following: 

-  BASIC — authentication  scheme  in  which  the  user  name  and 
password  are  sent  in  dear-text  to  the  server  or  proxy. 

-  DIGEST — a  challenge-response  authentication  scheme  that 
uses  a  server-specified  data  string  for  the  challenge. 

-  NTLM — a  challenge-response  authentication  scheme  that 
uses  the  credentials  of  the  user  for  authentication  in  a 
Windows  network  environment. 

-  NEGOTIATE — also  known  as  the  Simple  and  Protected 
Negotiation  protocol  (Snego)  is  a  challenge-response 
authentication  scheme  that  negotiates  with  the  server  or 
proxy  to  determine  which  scheme  to  use  for  authentication. 
Examples  are  the  Kerberos  protocol  and  NTLM. 

-  PASSPORT — a  centralized  authentication  service  provided  by 
Microsoft  that  offers  a  single  logon  for  member  sites. 


Examples 

The  following  example  removes  credentials  from  the  job  named  myDownloadJob. 

C:\>bitsadmin  /Removecredentials  myDownloadJob  SERVER  BASIC 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  replaceremoteprefix 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


All  files  in  the  job  whose  remote  URL  begins  with  Old  Prefix  are  changed  to  use  New  Prefix. 

Syntax 

bitsadmin  /ReplaceRemotePrefix  <Job>  <01dPrefix>  <NewPrefix 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

OldPrefix 

Existing  URL  prefix 

NewPrefix 

New  URL  prefix 

Examples 

The  following  example  changes  all  files  in  job  named  myDownloadJob  whose  remote  URL  begins  with 

http://stageserver  to  http://prodserver. 

C:\>bitsadmin  /ReplaceRemotePrefix  myDownloadJob  http://stagesenver  http://prodserver 

Additional  information 


Command-Line  Syntax  Key 


bitsadmin  reset 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Cancels  all  jobs  in  the  transfer  queue  that  the  current  user  owns. 

Syntax 

bitsadmin  /Reset  [/AllUsers] 


Parameters 

PARAMETER  DESCRIPTION 


AllUsers 


Optional —  cancels  all  jobs  in  the  queue. 


Remarks 

You  must  have  administrator  privileges  to  use  the  AllUsers  parameter. 


NOTE 

Administrators  cannot  reset  jobs  created  by  Local  System.  Use  the  task  scheduler  to  schedule  this  command  as  task  using  the 
Local  System  credentials. 


Examples 

The  following  example  cancels  all  thejobs  in  the  transfer  queue  for  the  current  user. 

C:\>bitsadmin  /Reset 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  resume 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Activates  a  new  or  suspended  job  in  the  transfer  queue. 

Syntax 

bitsadmin  /Resume  <Job> 


Parameters 

PARAMETER  DESCRIPTION 


Job 


The  job's  display  name  or  GUID 


Examples 

The  following  example  resumes  the  job  named  myDownloadJob. 

C : \>bitsadmin  /Resume  myDownloadJob 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  setaclflag 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  access  control  list  propagations  flags. 

Syntax 

bitsadmin  /SetAclFlags  <Job>  <Flags> 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

Flags 

Specify  one  or  more  of  the  following  flag  values: 

-  O:  Copy  owner  information  with  file. 

-  G:  Copy  group  information  with  file. 

-  D:  Copy  DACL  information  with  file. 

-  S  :Copy  SACL  information  with  file. 

Remarks 

The  SetAclFlags  command  is  used  to  maintain  Owner  and  access  control  list  information  when  a  job  is 
downloading  data  from  a  Windows  (SMB)  share. 


Examples 

The  following  example  sets  the  access  control  list  propagation  flags  for  thejob  named  myDownloadJob  to 
maintain  the  owner  and  group  information  with  the  downloaded  files. 

C:\>bitsadmin  /setaclflags  myDownloadtob  OG 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  setcredentials 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  credentials  to  a  job. 

Syntax 

bitsadmin  /Setcredentials  <iob>  <Target>  <Scheme>  <Username>  <Password> 

Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

Target 

SERVER  or  PROXY 

Scheme 

One  of  the  following: 

-  BASIC — authentication  scheme  in  which  the  user  name  and 
password  are  sent  in  clear-text  to  the  server  or  proxy. 

-  DIGEST — a  challenge-response  authentication  scheme  that 
uses  a  server-specified  data  string  for  the  challenge. 

-  NTLM — a  challenge-response  authentication  scheme  that 
uses  the  credentials  of  the  user  for  authentication  in  a 

Windows  network  environment. 

-  NEGOTIATE — also  known  as  the  Simple  and  Protected 
Negotiation  protocol  (Snego)  is  a  challenge-response 
authentication  scheme  that  negotiates  with  the  server  or 
proxy  to  determine  which  scheme  to  use  for  authentication. 
Examples  are  the  Kerberos  protocol  and  NTLM. 

-  PASSPORT — a  centralized  authentication  service  provided  by 
Microsoft  that  offers  a  single  logon  for  member  sites. 

Username 

The  name  of  the  provided  credentials 

Password 

The  password  associated  with  the  provided  Username 

Examples 

The  following  example  Adds  credentials  to  the  job  named  myDownloadJob. 

C:\>bitsadmin  /RemoveCredentials  myDownloadlob  SERVER  BASIC  Edward  Password20 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  setdescription 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  description  of  the  specified  job. 

Syntax 

bitsadmin  /SetDescription  Oob>  <Description> 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

Description 

Text  used  to  describe  the  job. 

Examples 

The  following  example  retrieves  the  description 

for  the  job  named  myDownloadJob. 

C:\>bitsadmin  /SetDescription  myDownloadlob 

"Music  Downloads" 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  setdisplayname 

4/13/2018  •  1  min  to  read  •  EditOnline 

Sets  the  display  name  of  the  specified  job. 

Syntax 

bitsadmin  /SetDisplayName  <Job>  <DisplayName> 

Parameters 

PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

DisplayName 

Text  used  for  the  display  name  of  the  specified  job. 

Examples 

The  following  example  sets  the  display  name  for  the  job  named  myDownloadJob  to  myDownloadJob2. 

C:\>bitsadmin  /SetDisplayName  myDownloadJob  "Download 

Music  Job" 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  setminretrydelay 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  length  of  time,  in  seconds,  that  the  service  waits  after  encountering  a  transient  error  before  retrying  to 
transfer  the  file. 

Syntax 

bitsadmin  /SetMinRetryDelay  Oob>  <RetryDelay> 


Parameters 

PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

RetryDelay 

A  number  represented  in  seconds. 

Examples 

The  following  example  sets  the  minimum  retry  delay  for  thejob  named  myDownloadJob  to  35  seconds. 

C:\>bitsadmin  /SetMinRetryDelay  myDownloadDob  35 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  setnoprogresstimeout 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  length  of  time,  in  seconds,  that  the  service  tries  to  transfer  the  file  after  a  transient  error  occurs. 

Syntax 

bitsadmin  /SetNoProgressTimeout  <3ob>  <TimeOutvalue> 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

TimeOutvalue  A  number  represented  in  seconds. 

Remarks 

•  The  no  progress  timeout  interval  begins  when  the  job  encounters  a  transient  error. 

•  The  timeout  interval  stops  or  resets  when  a  byte  of  data  is  successfully  transferred. 

•  If  no  progress  timeout  interval  exceeds  the  TimeOutvalue,  then  the  job  is  placed  in  a  fatal  error  state. 

Examples 

The  following  example  sets  the  no  progress  time  out  value  for  the  job  named  myDownloadJob  to  20  seconds 
C:\>bitsadmin  /SetNoProgressTimeout  myDownloadiob  20 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  setnotifycmdline 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  command-line  command  that  will  run  when  the  job  finishes  transferring  data  or  when  a  job  enters  a  state.. 

Syntax 

bitsadmin  /SetNotifyCmdLine  Oob>  <ProgramName>  [ProgramParameters] 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

ProgramName 

Name  of  the  command  to  run  when  the  job  completes. 

Prog  ra  m  Pa  ra  meters 

Parameters  that  you  want  to  pass  to  ProgramName. 

Remarks 

You  can  specify  NULL  for  ProgramName  and  ProgramParameters.  If  ProgramName  is  NULL, 

ProgramParameters  must  be  NULL. 

IMPORTANT 

If  ProgramParameters  is  not  NULL,  then  the  first  parameter  in 

ProgramParameters  must  match  ProgramName. 

Examples 

The  following  example  sets  the  command-line  command  used  by  the  service  to  run  notepad  when  the  job  named 
myDownloadJob  completes. 


C:\>bitsadmin  /SetNotifyCmdLine  myDownloaddob  c:\winnt\system32\notepad.exe  NULL 


C:\>bitsadmin  /SetNotifyCmdLine  myDownloadiob  c:\winnt\system32\notepad.exe  "notepad  c:\eula.txt" 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  set  noti  f yf  I  a  g  s 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  event  notification  flags  for  the  specified  job. 

Syntax 

bitsadmin  /SetNotifyFlags  Oob>  <NotifyFlags> 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

NotifyFlags 

See  Remarks 

Remarks 

The  NotfiyFlags  parameter  can  contain  one  or  more  of  the  following  notification  flags. 

| - 1 - 1  |i  (Generate  an  event  when  all  files  in  the  job  have  been  transferred.!  |2|Generate  an  event  when  an  error 

occurs.]  |4| Disable  notifications.! 

Examples 

The  following  example  sets  the  notify  flags  for  transferred  and  error  events  job  for  job  named  myDownloadJob. 
C:\>bitsadmin  /SetNotifyFlags  myDownloadJob  3 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  setpriority 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  priority  of  the  specified  job. 

Syntax 

bitsadmin  /SetPriority  <tob>  <Priority> 


Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

Priority 

One  of  the  following  values: 

-  FOREGROUND 

-  HIGH 

-  NORMAL 

-  LOW 

Examples 

The  following  example  sets  the  priority  for  thejob  named  myDownloadJob  to  normal. 
C:\>bitsadmin  /Setpriority  myDownloadtob  NORMAL 


Additional  references 


Command-Line  Syntax  Key 


bitsadmin  setproxysettings 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  proxy  settings  for  the  specified  job. 

Syntax 

bitsadmin  /SetProxySettings  <3ob>  <Usage>  [List]  [Bypass] 

Parameters 


PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

Usage 

One  of  the  following  values: 

-  PRECONFIG — use  the  owner's  Internet  Explorer  defaults. 

-  NO_PROXY — do  not  use  a  proxy  server. 

-  OVERRIDE — use  an  explicit  proxy  list  and  bypass  list.  A  proxy 
and  proxy  bypass  list  must  follow. 

-  AUTODETECT — automatically  detect  proxy  settings. 

List 

Used  when  the  Usage  parameter  is  set  to  OVERRIDE — 
contains  a  semicolon  or  space  delimited  list  of  proxy  servers  to 

use. 

Bypass 

Used  when  the  Usage  parameter  is  set  to  OVERRIDE — 
contains  a  semicolon  or  space-delimited  list  of  host  names  or 

IP  addresses,  or  both,  for  which  transfers  are  not  to  be  routed 
through  a  proxy.  This  can  be  < local >  to  refer  to  all  servers  on 
the  same  LAN.  Values  of  NULL  or ""  may  be  used  for  an  empty 
proxy  bypass  list. 

Examples 

The  following  example  sets  the  proxy  settings  for  thejob  named  myDownloadJob 
C:\>bitsadmin  /SetPnoxySettings  myDownloaddob  PRECONFIG 

Additional  references 


Command-Line  Syntax  Key 


bitsadmin  setreplyfilename 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Specify  the  path  of  the  file  that  contains  the  server  reply. 

Syntax 

bitsadmin  /SetReplyFileName  Oob>  <Path> 

Parameters 

PARAMETER 

DESCRIPTION 

Job 

The  job's  display  name  or  GUID 

Path 

Location  to  place  the  server  reply 

Remarks 

Valid  only  for  upload-reply  jobs. 

Examples 

The  following  example  sets  the  reply  filename  pathfor  the  job  named  myDownloadJob. 
C:\>bitsadmin  /SetReplyFileName  myDownloadDob  c:\reply 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  suspend 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Suspends  the  specified  job. 

Syntax 

bitsadmin  /Suspend  <]ob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

remarks 

To  restart  the  job,  use  the  bitsadmin  resume  command. 

Examples 

The  following  example  suspends  the  job  named  myDownloadJob. 

C:\>bitsadmin  /Suspend  myDownloaddob 

additional  references 


Command-Line  Syntax  Key 


bitsadmin  takeownership 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Lets  a  user  with  administrative  privileges  take  ownership  of  the  specified  job. 

Syntax 

bitsadmin  /Takeownership  <Dob> 

Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

Examples 

The  following  example  takes  ownership  of  the  job  named  myDownloadJob. 

C:\>bitsadmin  /Takeownership  myDownloadJob 

Additional  references 

Command-Line  Syntax  Key 


bitsadmin  Transfer 

4/13/2018  •  1  min  to  read  •  EditOnline 

Transfers  one  or  more  files. 

Syntax 

bitsadmin  /Transfer  Name  [Type]  [/Priority  Tob_Priority] 

[/ACLFIags  Flags]  <RemoteFileName>  <LocalFileName> 

Parameters 

PARAMETER 

DESCRIPTION 

Name 

The  name  of  the  job. 

Type 

Optional — specify  the  type  of  job.  Use  /Download  for  a 
download  job  or  /Upload  for  an  upload  job. 

Priority 

Optional —  set  the  job_priority  to  one  of  the  following  values: 

-  FOREGROUND 

-  HIGH 

-  NORMAL 

-  LOW 

ACLFIags 

Specify  one  or  more  of  the  following  flags: 

-  O:  Copy  owner  information  with  file. 

-  G:  Copy  group  information  with  file. 

-  D:  Copy  DACL  information  with  file. 

-  S:  Copy  SACL  information  with  file. 

RemoteFileName 

The  name  of  the  file  when  transferred  to  the  server 

LocalFileName 

The  name  of  the  file  that  resides  locally. 

Remarks 

By  default,  the  BITSAdmin  service  creates  a  download  job  that  runs  at  NORMAL  priority  and  updates  the 
command  window  with  progress  information  until  the  transfer  is  complete  or  until  a  critical  error  occurs.  The 
service  completes  the  job  if  it  successfully  transfers  all  the  files  and  cancels  the  job  if  a  critical  error  occurs.  The 
service  does  not  create  the  job  if  it  is  unable  to  add  files  to  the  job  or  if  you  specify  an  invalid  value  for  Type  or 
Job_Priority.  To  transfer  more  than  one  file,  specify  multiple  RemoteFileName-LocalFileNcime  pairs.  The  pairs  are 
space-delimited. 


NOTE 

The  BITSAdmin  command  continues  to  run  if  a  transient  error  occurs.  To  end  the  command,  press  CTRL+C. 


Examples 


The  following  example  starts  a  transfer  job  with  named  myDownloadJob. 


C:\>bitsadmin  /Transfer  myDownloadDob  http://prodserver/audio.wma  c:\downloads\audio.wma 


Additional  references 

Command-Line  Syntax  Key 


bitsadmin  util 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Syntax 

bitsadmin  /Util  /help 
bitsadmin  /Util  /GetlEPnoxy 
bitsadmin  /Util  /repairService 
bitsadmin  /Util  /SetlEPnoxy 
bitsadmin  /Util  /version 

Parameters 


PARAMETER 

DESCRIPTION 

bitsadmin  util  and  help 

Displays  the  command-line  usage  for  the  /Util  commands. 

bitsadmin  util  and  getieproxy 

Retrieves  the  proxy  usage  for  the  given  service  account. 

bitsadmin  util  and  repairservice 

repairs  known  issues  with  BITS  service 

bitsadmin  util  and  setieproxy 

Specifies  proxy  settings  to  use  when  transferring  files  using  a 
service  account. 

bitsadmin  util  and  version 

Displays  the  version  of  the  BITS  service 

additional  references 

Command-Line  Syntax  Key 


bitsadmin  wrap 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Wraps  any  line  of  output  text  extending  beyond  the  rightmost  edge  of  the  command  window  to  the  next  line. 

Syntax 

bitsadmin  /Wrap  dob 


Parameters 

PARAMETER  DESCRIPTION 

Job  The  job's  display  name  or  GUID 

remarks 

Specify  before  other  commands.  By  default,  all  commands,  except  the  bitsadmin  monitor  command,  wrap  the 
output. 

Examples 

The  following  example  retrieves  information  for  thejob  named  myDownloadJob  and  wraps  the  output. 

C:\>bitsadmin  /Wrap  /Info  myDownloadJob  /verbose 


additional  references 


Command-Line  Syntax  Key 


bootcfg 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Configures,  queries,  or  changes  Boot.ini  file  settings. 

Syntax 

bootcfg  <parameten>  [arguments...] 

Parameters 

PARAMETER 

DESCRIPTION 

bootcfg  addsw 

adds  operating  system  load  options  for  a  specified  operating 
system  entry. 

bootcfg  copy 

Makes  a  copy  of  an  existing  boot  entry,  to  which  you  can  add 
command-line  options. 

bootcfg  dbgl  394 

Configures  1394  port  debugging  for  a  specified  operating 
system  entry. 

bootcfg  debug 

adds  or  changes  the  debug  settings  for  a  specified  operating 
system  entry. 

bootcfg  default 

Specifies  the  operating  system  entry  to  designate  as  the 
default. 

bootcfg  delete 

deletes  an  operating  system  entry  in  the  [operating 
systems]  section  of  the  Boot.ini  file. 

bootcfg  ems 

Enables  the  user  to  add  or  change  the  settings  for  redirection 
of  the  Emergency  Management  Services  console  to  a  remote 
computer. 

bootcfg  query 

Queries  and  displays  the  [boot  loader]  and  [operating 
systems]  section  entries  from  Boot.ini. 

bootcfg  raw 

adds  operating  system  load  options  specified  as  a  string  to  an 
operating  system  entry  in  the  [operating  systems]  section  of 
the  Boot.ini  file. 

bootcfg  rmsw 

removes  operating  system  load  options  for  a  specified 
operating  system  entry. 

bootcfg  timeout 


changes  the  operating  system  time-out  value. 


bootcfg  addsw 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


adds  operating  system  load  options  for  a  specified  operating  system  entry. 

Syntax 

bootcfg  /addsw  [/s  <computen>  [/u  <Domain>\<User>  /p  <Password>]]  [/mm  <MaximumRAM>]  [/bv]  [/so]  [/ng]  /id 
<OSEntryLineNum> 


Parameters 


TERM 

DEFINITION 

/S 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/U\ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/p 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/mm 

Specifies  the  maximum  amount  of  RAM,  in  megabytes,  that 
the  operating  system  can  use.  The  value  must  be  equal  to  or 
greater  than  32  Megabytes. 

/bv 

adds  the  /basevideo  option  to  the  specified  ,  directing  the 
operating  system  to  use  standard  VGA  mode  for  the  installed 
video  driver. 

/so 

adds  the  /sos  option  to  the  specified  OSEntryLineNum, 
directing  the  operating  system  to  display  device  driver  names 
while  they  are  being  loaded. 

/ng 

adds  the  /noguiboot  option  to  the  specified  ,  disabling  the 
progress  bar  that  appears  before  the  CTRL+ALT+del  logon 
prompt. 

/id 

Specifies  the  operating  system  entry  line  number  in  the 
[operating  systems]  section  of  the  Boot.ini  file  to  which  the 
operating  system  load  options  are  added.  The  first  line  after 
the  [operating  systems]  section  header  is  1. 

/? 


Displays  help  at  the  command  prompt. 


Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /addsw  command: 

bootcfg  /addsw  /mm  64  /id  2 
bootcfg  /addsw  /so  /id  3 

bootcfg  /addsw  /so  /ng  /s  srvmain  /u  hinopln  /id  2 
bootcfg  /addsw  /ng  /id  2 

bootcfg  /addsw  /mm  96  /ng  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /id  2 

additional  references 

Command-Line  Syntax  Key 


bootcfg  copy 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Makes  a  copy  of  an  existing  boot  entry,  to  which  you  can  add  command-line  options. 

Syntax 

bootcfg  /copy  [/s  <computer>  [/u  <Domain>\<User>  /p  <Password>]]  [/d  <Description>]  [/id  <OSEntryLineNum>] 

Parameters 


PARAMETER 

DESCRIPTION 

/S 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/U\ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/P 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/d 

Specifies  the  description  for  the  new  operating  system  entry. 

/id 

Specifies  the  operating  system  entry  line  number  in  the 
[operating  systems]  section  of  the  Boot.ini  file  to  copy.  The  first 
line  after  the  [operating  systems]  section  header  is  1 . 

/? 

Displays  help  at  the  command  prompt. 

Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /copy  command  to  copy  boot  entry  1  and  enter 
"\ABC  Server\"  as  the  description: 

bootcfg  /copy  /d  "\ABC  Senver\"  /id  1 

additional  references 


Command-Line  Syntax  Key 


bootcfg  dbg1394 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Configures  1 394  port  debugging  for  a  specified  operating  system  entry. 

Syntax 


bootcfg  /dbgl394  {ON  | 
<OSEntryLineNum> 

0FF}[/s  <computen>  [/u  <Domain>\<User>  /p  <Password>]]  [/ch  <Channel>]  /id 

Parameters 


PARAMETER 

DESCRIPTION 

{ON  |  OFF} 

Specifies  the  value  for  1394  port  debugging. 

-  ON  -  Enables  remote  debugging  support  by  adding  the 
/dbgl  394  option  to  the  specified  . 

-  OFF  -  Disables  remote  debugging  support  by  removing  the 
/dbgl  394  option  from  the  specified  . 

/s 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u\ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/P 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/ch  Channel 

Specifies  the  channel  to  use  for  debugging.  Valid  values  are 
integers  between  1  and  64.  Do  not  use  the  /ch  parameter  if 
1394  port  debugging  is  being  disabled. 

/id 

Specifies  the  operating  system  entry  line  number  in  the 
[operating  systems]  section  of  the  Boot.ini  file  to  which  the 
1394  port  debugging  options  are  added.  The  first  line  after 
the  [operating  systems]  section  header  is  1. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /dbg1394command: 


bootcfg  /dbgl394  / id  2 

bootcfg  /dbgl394  on  /ch  1  /id  3 

bootcfg  /dbgl394  edit  /ch  8  /id  2 

bootcfg  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /dbg!394  off  /id  2 


additional  references 

Command-Line  Syntax  Key 


bootcfg  default 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Specifies  the  operating  system  entry  to  designate  as  the  default. 

Syntax 

bootcfg  /default  [/s  <computen>  [/u  <Domain>\<User>  /p  <Password>]]  [/Id  <OSEntryl_ineNum>] 

Parameters 


PARAMETER 

DESCRIPTION 

/S 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/U\ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/P 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/id 

Specifies  the  operating  system  entry  line  number  in  the 
[operating  systems]  section  of  the  Boot.ini  file  to  designate  as 
default.  The  first  line  after  the  [operating  systems]  section 
header  is  1 . 

/? 

Displays  help  at  the  command  prompt. 

Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /defaultcommand: 
bootcfg  /default  /id  2 

bootcfg  /default  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /id  2 

additional  references 

Command-Line  Syntax  Key 


bootcfg  delete 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


deletes  an  operating  system  entry  in  the  [operating  systems]  section  of  the  Boot.ini  file. 


Syntax 


bootcfg  /delete  [ /s  <computer> 

[/u  <Domain>\<User>  /p  <Password>]]  [/id  <OSEntryLineNum>] 

Parameters 

TERM 

DEFINITION 

/S 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  \ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/p 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/id 

Specifies  the  operating  system  entry  line  number  in  the 
[operating  systems]  section  of  the  Boot.ini  file  to  delete.  The 
first  line  after  the  [operating  systems]  section  header  is  1 . 

/?  Displays  help  at  the  command  prompt. 


Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /deletecommand: 
bootcfg  /delete  /id  1 

bootcfg  /delete  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /id  3 

additional  references 

Command-Line  Syntax  Key 


bootcfg  ems 

1 0/1 7/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Enables  the  user  to  add  or  change  the  settings  for  redirection  of  the  Emergency  Management  Services  console  to  a 
remote  computer.  By  enabling  Emergency  Management  Services,  you  add  a  "redirect=Port#''  line  to  the  [boot 
loader]  section  of  the  Boot.ini  file  and  a  /redirect  option  to  the  specified  operating  system  entry  line.  The 
Emergency  Management  Services  feature  is  enabled  only  on  servers. 

Syntax 

bootcfg  /ems  {ON  |  OFF  |  edit}  [/s  <computer>  [/u  <Domain>\<User>  /p  <Password>]]  [/port  {C0M1  |  COM2  |  COM3  | 
COM4  I  BIOSSET}]  [/baud  {9600  |  19200  |  38400  |  57600  |  115200}]  [/id  <OSEntryLineNum>] 


Parameters 

PARAMETER  DESCRIPTION 


{ON  |  OFF|  edit} 

Specifies  the  value  for  Emergency  Management  Services 
redirection. 

ON  -  Enables  remote  output  for  the  specified  .  adds  a  /redirect 
option  to  the  specified  and  a  redirect=com  setting  to  the 
[boot  loader]  section.  The  value  of  com  is  set  by  the  /port 
parameter. 

OFF  -  Disables  output  to  a  remote  computer,  removes  the 
/redirect  option  from  the  specified  and  the  redirect=com 
setting  from  the  [boot  loader]  section. 

edit  -  Allows  changes  to  port  settings  by  changing  the 
redirect=com  setting  in  the  [boot  loader]  section.  The  value  of 
com  is  reset  to  the  value  specified  by  the  /port  parameter. 

/s 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  \ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/P 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/port  {CO Ml  |  COM2  |  COM3  |  COM4  |  BIOSSET} 

Specifies  the  COM  port  to  be  used  for  redirection.  BIOSSET 
directs  Emergency  Management  Services  to  get  the  BIOS 
settings  to  determine  which  port  should  be  used  for 
redirection.  Do  not  use  the  /port  parameter  if  remotely 
administered  output  is  being  disabled. 

PARAMETER 


DESCRIPTION 


/baud  {9600  |  19200  |  38400|  57600  |  1 1 5200}  Specifies  the  baud  rate  to  be  used  for  redirection.  Do  not  use 

the  /baud  parameter  if  remotely  administered  output  is  being 
disabled. 


/id  Specifies  the  operating  system  entry  line  number  to  which  the 

Emergency  Management  Services  option  is  added  in  the 
[operating  systems]  section  of  the  Boot.ini  file.  The  first  line 
after  the  [operating  systems]  section  header  is  1 .  This 
parameter  is  required  when  the  Emergency  Management 
Services  value  is  set  to  ON  or  OFF. 


/?  Displays  help  at  the  command  prompt. 

Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /ems  command: 

bootcfg  /ems  on  /port  coml  /baud  19200  /id  2 
bootcfg  /ems  on  /port  biosset  /id  3 
bootcfg  /s  srvmain  /ems  off  /id  2 
bootcfg  /ems  edit  /port  com2  /baud  115200 

bootcfg  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /ems  off  /id  2 

additional  references 

Command-Line  Syntax  Key 


bootcfg  query 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Queries  and  displays  the  [boot  loader]  and  [operating  systems]  section  entries  from  Boot.ini. 


Syntax 


bootcfg  /query  [/s  <computer> 

[/u  <Domain>\<User>  /p  <Password>]] 

Parameters 

TERM 

DEFINITION 

/S 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  \ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/p 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/?  Displays  help  at  the  command  prompt. 


rem  arks 

•  The  following  is  a  sample  of  bootcfg  /query  output: 

Boot  Loader  Settings  - timeout:  30  default:  multi(0)disl<(0)rdisl<(0)partition(l)\WINDOWS  Boot  Entries 

-  Boot  entry  ID:  1  Friendly  Name:  ""  path:  multi(0)disk(0)rdisk(0)partition(l)\WINDOWS  OS  Load  Options: 

/fastdetect  /debug  /debugport=coml : 

•  The  Boot  Loader  Settings  portion  of  the  bootcfg  query  output  displays  each  entry  in  the  [boot  loader]  section 
of  Boot.ini. 

•  The  Boot  Entries  portion  of  the  bootcfg  query  output  displays  the  following  detail  for  each  operating  system 
entry  in  the  [operating  systems]  section  of  Boot.ini:  Boot  entry  ID,  Friendly  Name,  path,  and  OS  Load  Options. 
##  Examples  The  following  examples  show  how  you  can  use  the  bootcfg  /query  command: 

bootcfg  /query  bootcfg  /query  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  bootcfg  /query  /u  hiropln  /p  p@ssW23 
####  additional  references  Command-Line  Syntax  Key 


bootcfg  raw 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


adds  operating  system  load  options  specified  as  a  string  to  an  operating  system  entry  in  the  [operating  systems] 
section  of  the  Boot.ini  file. 

Syntax 

bootcfg  /raw  [/s  <computer>  [/u  <Domain>\<Usen>  /p  <Password>]]  <OSLoadOptionsString>  [/id  <OSEntryLineNum>] 
[/a] 


Parameters 

TERM  DEFINITION 


/s 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  \ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/P 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

Specifies  the  operating  system  load  options  to  add  to  the 
operating  system  entry.  These  load  options  will  replace  any 
existing  load  options  associated  with  the  operating  system 
entry.  No  validation  of  is  done. 

/id 

Specifies  the  operating  system  entry  line  number  in  the 
[operating  systems]  section  of  the  Boot.ini  file  to  update.  The 
first  line  after  the  [operating  systems]  section  header  is  1 . 

/a 

Specifies  that  the  operating  system  options  being  added 
should  be  appended  to  any  existing  operating  system  options. 

/? 

Displays  help  at  the  command  prompt. 

rem  arks 

•  bootcfg  raw  is  used  to  add  text  to  the  end  of  an  operating  system  entry,  overwriting  any  existing  operating 
system  entry  options.  This  text  should  contain  valid  OS  Load  Options  such  as  /debug,  /fastdetect,  /nodebug, 
/baudrate,  /crashdebug,  and  /sos.  For  example,  the  following  command  adds  "/debug  /fastdetect"  to  the 
end  of  the  first  operating  system  entry,  replacing  any  previous  operating  system  entry  options: 
bootcfg  /raw  "/debug  /fastdetect"  /id  i  ##  Examples  The  following  examples  show  how  you  can  use  the 
bootcfg  /raw  command: 

bootcfg  /raw  "/debug  /sos"  /id  2  bootcfg  /raw  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  "/crashdebug  "  /id  2 


####  additional  references  Command-Line  Syntax  Key 


bootcfg  rmsw 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


removes  operating  system  load  options  for  a  specified  operating  system  entry. 

Syntax 

bootcfg  /rmsw  [/s  <computer>  [/u  <Domain>\<User>  [/p  <Password>] ] ]  [/mm]  [/bv]  [/so]  [/ng]  /id  <OSEntryLineNum> 


Parameters 

PARAMETER  DESCRIPTION 


/s 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u\ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  \.  The  default  is  the  permissions  of  the  current 
logged  on  user  on  the  computer  issuing  the  command. 

/p 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/mm 

removes  the/maxmem  option  and  its  associated  maximum 
memory  value  from  the  specified  .  The  /maxmem  option 
specifies  the  maximum  amount  of  RAM  that  the  operating 
system  can  use. 

/bv 

removes  the  /basevideo  option  from  the  specified  .  The 
/basevideo  option  directs  the  operating  system  to  use 
standard  VGA  mode  for  the  installed  video  driver. 

/so 

removes  the  /sos  option  from  the  specified  .  The  /sos  option 
directs  the  operating  system  to  display  device  driver  names 
while  they  are  being  loaded. 

/ng 

removes  the  /noguiboot  option  from  the  specified  .  The 
/noguiboot  option  disables  the  progress  bar  that  appears 
before  the  CTRL+ALT+del  logon  prompt. 

/id 

Specifies  the  operating  system  entry  line  number  in  the 
[operating  systems]  section  of  the  Boot.ini  file  from  which  the 
OS  Load  Options  are  removed.  The  first  line  after  the 
[operating  systems]  section  header  is  1 . 

/? 


Displays  help  at  the  command  prompt. 


Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /rmswcommand: 

bootcfg  /rmsw  /mm  64  /id  2 
bootcfg  /rmsw  /so  /id  3 

bootcfg  /rmsw  /so  /ng  /s  srvmain  /u  hiropln  /id  2 
bootcfg  /rmsw  /ng  /id  2 

bootcfg  /rmsw  /mm  96  /ng  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /id  2 

additional  references 

Command-Line  Syntax  Key 


bootcfg  timeout 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


changes  the  operating  system  time-out  value. 

Syntax 

bootcfg  /timeout  <timeOutValue>  [ /s  <computer> 

[/u  <Domain\User>/p  <Password>]] 

Parameters 

PARAMETER 

DESCRIPTION 

/timeout 

Specifies  the  timeout  value  in  the  [boot  loader]  section.  The  is 
the  number  of  seconds  the  user  has  to  select  an  operating 
system  from  the  boot  loader  screen  before  NTLDR  loads  the 
default.  Valid  range  for  is  0-999.  If  the  value  is  0,  then  NTLDR 
immediately  starts  the  default  operating  system  without 
displaying  the  boot  loader  screen. 

/s 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  <Domain\User> 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  or  <Domain\User>.  The  default  is  the  permissions 
of  the  current  logged  on  user  on  the  computer  issuing  the 
command. 

/P 

Specifies  the  of  the  user  account  that  is  specified  in  the  /u 
parameter. 

/?  Displays  help  at  the  command  prompt. 


Examples 

The  following  examples  show  how  you  can  use  the  bootcfg  /timeout  command: 
bootcfg  /timeout  30 

bootcfg  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /timeout  50 

additional  references 

Command-Line  Syntax  Key 


break 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  or  clears  extended  CTRL  +  C  checking  on  MS-DOS  systems.  If  used  without  parameters,  break  displays  the 
current  setting. 


NOTE 

This  command  is  no  longer  in  use.  It  is  included  only  to  preserve  compatibility  with  existing  MS-DOS  files,  but  it  has  no  effect 
at  the  command  line  because  the  functionality  is  automatic. 


Syntax 


bneak=[on | off] 


Remarks 

If  command  extensions  are  enabled  and  running  on  the  Windows  platform,  inserting  the  break  command  into  a 
batch  file  enters  a  hard-coded  breakpoint  if  being  debugged  by  a  debugger. 

Additional  references 


Command-Line  Syntax  Key 


cacls 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  or  modifies  discretionary  access  control  lists  (DACL)  on  specified  files. 

Syntax 

cacls  <filename>  [/t]  [/m]  [ /I ]  [/s [ : sddl ] ]  [/e]  [/c]  [/g  usen:<perm>]  [/r  user  [...]]  [/p  user:<perm>  [...]] 
[/d  user  [...]] 

Parameters 


PARAMETER 

DESCRIPTION 

Required.  Displays  Acls  of  specified  files. 

A 

changes  Acls  of  specified  files  in  the  current  directory  and  all 
subdirectories. 

/m 

changes  Acls  of  volumes  mounted  to  a  directory. 

/I 

Work  on  the  Symbolic  Link  itself  versus  the  target. 

/s:sddl 

replaces  the  Acls  with  those  specified  in  the  SDDL  string  (not 
valid  with  /e,  /g,  /r,  /p,  or  /d). 

/e 

edit  ACL  instead  of  replacing  it. 

/c 

Continue  on  access  denied  errors. 

/g  user: 

Grant  specified  user  access  rights. 

Valid  values  for  permission: 

- n  -  none 

-  r  -  read 

-  w  -  write 

-  c  -  change  (write) 

-  f  -  full  control 

/r  user  [...] 

Revoke  specified  user's  access  rights  (only  valid  with  /e). 

PARAMETER 


DESCRIPTION 


[/p  user:  [...] 


replace  specified  user's  access  rights. 


Valid  values  for  permission: 


- n  -  none 

-  r  -  read 

-  w  -  write 


-  c  -  change  (write) 

-  f  -  full  control 


[/d  user  [...] 


Deny  specified  user  access. 


/? 


Displays  help  at  the  command  prompt. 


remarks 


•  This  command  has  been  deprecated.  Please  use  icacls  instead. 

•  Use  the  following  table  to  interpret  the  results: 

| Output] Access  control  entry  (ACE)  applies  to| 

I . !- . -I 

|OI|Object  inherit  This  folder  and  files. | 

|CI|Container  inherit.  This  folder  and  subfolders. | 

|IO|lnherit  only.  The  ACE  does  not  apply  to  the  current  f  i  I  e/d  i  r  e  cto  r  y .  | 
|No  output  message|This  folder  only.| 

|(OI)(CI)|This  folder,  subfolders,  and  files. | 

|(OI)(CI)(IO)|Su bfolders  and  files  only.) 

|(C l)(IO)|S ubfolders  only.| 

|(0 l)(IO)| Files  only.| 

•  You  can  use  wildcards  (?  and  \*)  to  specify  multiple  files. 

•  You  can  specify  more  than  one  user. 

##  additional  references 

•  Command-Line  Syntax  Key 

•  icacls 


call 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Calls  one  batch  program  from  another  without  stopping  the  parent  batch  program.  The  call  command  accepts 
labels  as  the  target  of  the  call. 


NOTE 

Call  has  no  effect  at  the  command  prompt  when  it  is  used  outside  of  a  script  or  batch  file. 


For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

call  [Drive: ] [Path]<FileName>  [<BatchParameters>]  [:<Label>  [<Arguments>] ] 

Parameters 


PARAMETER 

DESCRIPTION 

[<  Drive> :][] 

Specifies  the  location  and  name  of  the  batch  program  that  you 
want  to  call.  The  FileName  parameter  is  required,  and  it  must 
have  a  .bat  or  .and  extension. 

<  Batch  Pa  ra  meters  > 

Specifies  any  command-line  information  required  by  the  batch 
program. 

:<Label> 

Specifies  the  label  that  you  want  a  batch  program  control  to 
jump  to. 

<Arguments> 

Specifies  the  command-line  information  to  be  passed  to  the 
new  instance  of  the  batch  program,  beginning  at  label. 

/? 

Displays  help  at  the  command  prompt. 

Batch  parameters 

The  batch  script  argument  references  (%0,  %1, . 

..)  are  listed  in  the  following  tables. 

%\*  in  a  batch  script  refers  to  all  the  arguments  (for  example,  %1,  %2,  %3...) 

You  can  use  the  following  optional  syntaxes  as  substitutions  for  batch  parameters  (%n 


BATCH  PARAMETER 

DESCRIPTION 

%~1 

Expands  %1  and  removes  surrounding  quotation  marks  (" "). 

%~f1 

Expands  %1  to  a  fully  qualified  path. 

BATCH  PARAMETER 


DESCRIPTION 


%~d1 

Expands  %1  to  a  drive  letter  only. 

%~p1 

Expands  %1  to  a  path  only. 

%~n1 

Expands  %1  to  a  file  name  only. 

%~x1 

Expands  %1  to  a  file  name  extension  only. 

%~s1 

Expands  %1  to  a  fully  qualified  path  that  contains  short  names 
only. 

%~a1 

Expands  %1  to  the  file  attributes. 

%~t1 

Expands  %1  to  the  date  and  time  of  file. 

%~z1 

Expands  %1  to  the  size  of  the  file. 

%~$PATH:1 

Searches  the  directories  listed  in  the  PATH  environment 
variable,  and  expands  %1  to  the  fully  qualified  name  of  the 
first  directory  found.  If  the  environment  variable  name  is  not 
defined  or  the  file  is  not  found  by  the  search,  then  this 
modifier  expands  to  the  empty  string. 

The  following  table  shows  how  you 

can  combine  modifiers  with  the  batch  parameters  for  compound  results: 

BATCH  PARAMETER  WITH  MODIFIER 

DESCRIPTION 

%~dp1 

Expands  %1  to  a  drive  letter  and  path  only. 

%~nx1 

Expands  %1  to  a  file  name  and  extension  only. 

%~dp$PATH:1 

Searches  the  directories  listed  in  the  PATH  environment 
variable  for  %1,  and  then  expands  to  the  drive  letter  and  path 
of  the  first  directory  found. 

%~ftza1 

Expands  %1  to  display  output  similar  to  the  dir  command. 

In  the  above  examples,  %1  and  PATH  can  be  replaced  by  other  valid  values.  The  %~  syntax  is  terminated  by  a  valid 
argument  number.  The  %~  modifiers  cannot  be  used  with  %\*. 

Remarks 

•  Using  batch  parameters 

Batch  parameters  can  contain  any  information  that  you  can  pass  to  a  batch  program,  including  command¬ 
line  options,  file  names,  the  batch  parameters  %0  through  %9,  and  variables  (for  example,  %baud%). 

•  Using  the  Label  parameter 

By  using  call  with  the  Label  parameter,  you  create  a  new  batch  file  context  and  pass  control  to  the  statement 
after  the  specified  label.  The  first  time  the  end  of  the  batch  file  is  encountered  (that  is,  after  jumping  to  the 
label),  control  returns  to  the  statement  after  the  call  statement.  The  second  time  the  end  of  the  batch  file  is 
encountered,  the  batch  script  is  exited. 


•  Using  pipes  and  redirection  symbols 

Do  not  use  pipes  (|)  and  redirection  symbols  (<  or  >)  with  call. 

•  Making  a  recursive  call 

You  can  create  a  batch  program  that  calls  itself.  However,  you  must  provide  an  exit  condition.  Otherwise,  the 
parent  and  child  batch  programs  can  loop  endlessly. 

•  Working  with  command  extensions 

If  command  extensions  are  enabled,  call  accepts  Label  as  the  target  of  the  call.  The  correct  syntax  is  as 
follows: 

call  :\<Label>  <Arguments> 


Examples 

To  run  the  Checknew.bat  program  from  another  batch  program,  type  the  following  command  in  the  parent  batch 
program: 

call  checknew 

If  the  parent  batch  program  accepts  two  batch  parameters  and  you  want  it  to  pass  those  parameters  to 
Checknew.bat,  type  the  following  command  in  the  parent  batch  program: 

call  checknew  %1  %2 

Additional  references 

Command-Line  Syntax  Key 


cd 
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Displays  the  name  of  or  changes  the  current  directory.  If  used  with  only  a  drive  letter  (for  example,  cd  c:  ),  cd 
displays  the  names  of  the  current  directory  in  the  specified  drive.  If  used  without  parameters,  cd  displays  the 
current  drive  and  directory. 


NOTE 

This  command  is  the  same  as  the  chdir  command. 


For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 

cd  [/d]  [<Drive>: ] [<Path>] 
cd  [..] 

chdir  [/d]  [<Drive> : ] [<Path>] 
chdir  [ .  .  ] 

Parameters 

PARAMETER 

DESCRIPTION 

/d 

Changes  the  current  drive  as  well  as  the  current  directory  for  a 
drive. 

<Drive>: 

Specifies  the  drive  to  display  or  change  (if  different  from  the 
current  drive). 

<Path> 

Specifies  the  path  to  the  directory  that  you  want  to  display  or 
change. 

U 

Specifies  that  you  want  to  change  to  the  parent  folder. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

If  command  extensions  are  enabled,  the  following  conditions  apply  to  the  cd  command: 

•  The  current  directory  string  is  converted  to  use  the  same  case  as  the  names  on  the  disk.  For  example, 

cd  c:\temp  would  set  the  current  directory  to  C:\Temp  if  that  is  the  case  on  the  disk. 

•  Spaces  are  not  treated  as  delimiters,  so  Path  can  contain  spaces  without  enclosing  quotation  marks.  For 
example: 

cd  username\programs\start  menu 
is  the  same  as: 

cd  "username\programs\start  menu" 


The  quotation  marks  are  required,  however,  if  extensions  are  disabled. 


To  disable  command  extensions,  type: 

cmd  /e:off 


Examples 

The  root  directory  is  the  top  of  the  directory  hierarchy  for  a  drive.  To  return  to  the  root  directory,  type: 

cd\ 


To  change  the  default  directory  on  a  drive  that  is  different  from  the  one  you  are  on,  type: 
cd  [<Drive>:\[<Directory>]] 


To  verify  the  change  to  the  directory,  type: 
cd  [<Drive>:] 

Additional  references 

Command-Line  Syntax  Key 


certreq 
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Certreq  can  be  used  to  request  certificates  from  a  certification  authority  (CA),  to  retrieve  a  response  to  a  previous 
request  from  a  CA,  to  create  a  new  request  from  an  .inf  file,  to  accept  and  install  a  response  to  a  request,  to 
construct  a  cross-certification  or  qualified  subordination  request  from  an  existing  CA  certificate  or  request,  and  to 
sign  a  cross-certification  or  qualified  subordination  request. 


WARNING 

Earlier  versions  of  certreq  may  not  provide  all  of  the  options  that  are  described  in  this  document.  You  can  see  all  the  options 
that  a  specific  version  of  certreq  provides  by  running  the  commands  shown  in  the  Syntax  notations  section. 


Contents 

The  major  sections  in  this  article  are  as  follows: 

1.  Verbs 

2.  Syntax  notations 

3.  Options 

4.  Formats 

5.  Additional  certreq  examples 

Verbs 

There  following  table  describes  the  verbs  that  can  be  used  with  the  certreq  command 

SWITCH  DESCRIPTION 


-Submit 

Submits  a  request  to  a  CA.  For  more  information,  see  Certreq 
-submit. 

-retrieve  RequestID 

Retrieves  a  response  to  a  previous  request  from  a  CA.  For 
more  information,  see  Certreq  -retrieve. 

-New 

Creates  a  new  request  from  an  .inf  file.  For  more  information, 

see  Certreq  -new. 

-Accept 

Accepts  and  installs  a  response  to  a  certificate  request.  For 
more  information,  see  Certreq  -accept. 

-Policy 

Sets  the  policy  for  a  request.  For  more  information,  see 

Certreq  -policy. 

-Sign 

Signs  a  cross-certification  or  qualified  subordination  request. 
For  more  information,  see  Certreq  -sign. 

-Enroll 

Enrolls  for  or  renews  a  certificate.  For  more  information,  see 

Certreq  -enroll. 

SWITCH 


DESCRIPTION 


-? 

Displays  a  list  of  certreq  syntax,  options,  and  descriptions. 

<verb>  -? 

Displays  help  for  the  verb  specified. 

-v  -? 

Displays  a  verbose  list  of  the  certreq  syntax,  options,  and 
descriptions. 

Return  to  Contents 

Syntax  notations 

•  For  basic  command  line  syntax,  run  certreq  -? 

•  For  the  syntax  on  using  certutil  with  a  specific  verb,  run  certreq  <verb>  -? 

•  To  send  all  of  the  certutil  syntax  into  a  text  file,  run  the  following  commands: 

o  certreq  -v  -?  >  certreqhelp.txt 

o  notepad  certreqhelp.txt 

The  following  table  describes  the  notation  used  to  indicate  command-line  syntax. 

NOTATION 

DESCRIPTION 

Text  without  brackets  or  braces 

Items  you  must  type  as  shown 

<Text  inside  angle  brackets> 

Placeholder  for  which  you  must  supply  a  value 

[Text  inside  square  brackets] 

Optional  items 

{Text  inside  braces} 

Set  of  required  items;  choose  one 

Vertical  bar  (|) 

Separator  for  mutually  exclusive  items;  choose  one 

Ellipsis  (...) 

Items  that  can  be  repeated 

Return  to  Contents 

Certreq  -submit 

This  is  the  default  certreq.exe  parameter,  if  no  option  is  specified  explicitly  at  the  command-line  prompt,  certreq.exe 
attempts  to  submit  a  certificate  request  to  a  CA. 

CertReq  [-Submit]  [Options]  [RequestFileln  [CertFileOut 

[CertChainFileOut  [FullResponseFileOut] ] ] ] 

You  must  specify  a  certificate  request  file  when  using  the -submit  option.  If  this  parameter  is  omitted,  a  common 
File  Open  window  is  displayed  where  you  can  select  the  appropriate  certificate  request  file. 

You  can  use  these  examples  as  a  starting  point  to  build  your  certificate  submit  request: 

To  submit  a  simple  certificate  request  use  the  example  below: 

certreq  -submit  certRequest.req  certnew.cer  certnew.pfx 


To  request  a  certificate  by  specifying  the  SAN  attribute,  see  the  detailed  steps  in  Microsoft  Knowledge  Base  article 
931351  How  to  add  a  Subject  Alternative  Name  to  a  secure  LDAP  certificate  in  the  "How  to  use  the  Certreq.exe 
utility  to  create  and  submit  a  certificate  request  that  includes  a  SAN"  section. 

Return  to  Contents 

Certreq  -retrieve 

certreq  -retrieve  [Options]  Requestld  [CertFileOut  [CertChainFileOut  [FullResponseFileOut] ] ] 

•  If  you  don't  specify  the  CAComputerName  or  CAName  in  -config  CAComputerName\CANamea  dialog  box 
appears  and  displays  a  list  of  all  CAs  that  are  available. 

•  If  you  use  -config  -  instead  of  -config  CAComputerName\CAName,  the  operation  is  processed  using  the 
default  CA. 

•  You  can  use  certreq  -retrieve  RequestID  to  retrieve  the  certificate  after  the  CA  has  actually  issued  it.  The 
RequestIDPKC  can  be  a  decimal  or  hex  with  Ox  prefix  and  it  can  be  a  certificate  serial  number  with  no  Ox  prefix. 
You  can  also  use  it  to  retrieve  any  certificate  that  has  ever  been  issued  by  the  CA,  including  revoked  or  expired 
certificates,  without  regard  to  whether  the  certificate's  request  was  ever  in  the  pending  state. 

•  If  you  submit  a  request  to  the  CA,  the  policy  module  of  the  CA  might  leave  the  request  in  a  pending  state  and 
return  the  RequestID  to  the  Certreq  caller  for  display.  Eventually,  the  CA's  administrator  will  issue  the  certificate 
or  deny  the  request. 

The  command  below  retrieves  the  certificate  id  20  and  creates  the  certificate  file  (.cer): 

certreq  -retrieve  20  MyCertificate. cer 

Return  to  Contents 

Certreq  -new 

certreq  -new  [Options]  [PolicyFileln  [RequestFileOut] ] 

Since  the  INF  file  allows  for  a  rich  set  of  parameters  and  options  to  be  specified,  it  is  difficult  to  define  a  default 
template  that  administrators  should  use  for  all  purposes.  Therefore,  this  section  describes  all  the  options  to  enable 
you  to  create  an  INF  file  tailored  to  your  specific  needs.  The  following  key  words  are  used  to  describe  the  INF  file 
structure. 

1 .  A  section  is  an  area  in  the  INF  file  that  covers  a  logical  group  of  keys.  A  section  always  appears  in  brackets  in  the 
INF  file. 

2.  A  key  is  the  parameter  that  is  to  the  left  of  the  equal  sign. 

3.  A  value  is  the  parameter  that  is  to  the  right  of  the  equal  sign. 

For  example,  a  minimal  INF  file  would  look  similar  to  the  following: 

[NewRequest] 

;  At  least  one  value  must  be  set  in  this  section 
Subject  =  "CN=W2K8-B0-DC. contoso2.com" 

The  following  are  some  of  the  possible  sections  that  may  be  added  to  the  INF  file: 

[NewRequest] 


This  section  is  mandatory  for  an  INF  file  that  acts  as  a  template  for  a  new  certificate  request.  This  section  requires 
at  least  one  key  with  a  value. 


KEY 

Subject 


Exportable 


ExportableEncrypted 


HashAlgorithm 

KeyAlgorithm 


DEFINITION  VALUE 

Several  applications  rely  on  Relative  Distinguished  Name 

the  subject  information  in  a  string  values 

certificate.  Thus,  it  is 

recommended  that  a  value 

for  this  key  be  specified.  If 

the  subject  is  not  set  here,  it 

is  recommended  that  a 

subject  name  be  included  as 

part  of  the  subject 

alternative  name  certificate 

extension. 


If  this  attribute  is  set  to  true,  false 

TRUE,  the  private  key  can  be 
exported  with  the  certificate. 

To  ensure  a  high  level  of 
security,  private  keys  should 
not  be  exportable;  however, 
in  some  cases,  it  might  be 
required  to  make  the  private 
key  exportable  if  several 
computers  or  users  must 
share  the  same  private  key. 


Specifies  whether  the  private  true,  false 

key  should  be  set  to  be 

exportable. 


Hash  Algorithm  to  be  used  Sha256,  sha384,  sha51 2, 
for  this  request.  shal,  md5,  md4,  md2 


The  algorithm  that  will  be  RSA,  DH,  DSA,  ECDH_P256, 

used  by  the  service  provider  ECDH_P521,  ECDSA_P256, 
to  generate  a  public  and  ECDSA_P384,  ECDSA_P521 

private  key  pair. 


EXAMPLE 

Subject  = 

"CN=computer1  .contoso.co 
m"  Subject="CN=John 
Smith, CN=  Users, DC=Contos 
o,DC=com" 


Exportable  =  TRUE.  CNG 
keys  can  distinguish  between 
this  and  plaintext  exportable. 
CAPI1  keys  cannot. 


ExportableEncrypted  =  true 
Tip:  Not  all  public  key  sizes 
and  algorithms  will  work 
with  all  hash  algorithms. 
Tamehe  specified  CSP  must 
also  support  the  specified 
hash  algorithm.  To  see  the 
list  of  supported  hash 
algorithms,  you  can  run  the 
command 

certutil  -oid  1  | 
findstr  pwszCNGAlgid  | 
findstr  /v  CryptOIDInf o 

HashAlgorithm  =  shal.  To 
see  the  list  of  supported 
hash  algorithms  use:  certutil 
-oid  1  |  findstr 
pwszCNGAlgid  |  findstr  /v 
CryptOIDInfo 

KeyAlgorithm  =  RSA 


KEY 


DEFINITION 


VALUE 


EXAMPLE 


KeyContainer 


KeyLength 


KeySpec 


It  is  not  recommended  to 
set  this  parameter  for  new 
requests  where  new  key 
material  is  generated.  The 
key  container  is 
automatically  generated  and 
maintained  by  the  system. 
For  requests  where  the 
existing  key  material  should 
be  used,  this  value  can  be 
set  to  the  key-container 
name  of  the  existing  key. 

Use  the  certutil  -key 
command  to  display  the  list 
of  available  key  containers 
for  the  machine  context.  Use 
the  certutil  -key  -user 
command  for  the  current 
user's  context. 


Random  string  value 
Tip:  You  should  use  double 
quotes  around  any  INF  key 
value  that  has  blanks  or 
special  characters  to  avoid 
potential  INF  parsing  issues. 


Defines  the  length  of  the 
public  and  private  key.  The 
key  length  has  an  impact  on 
the  security  level  of  the 
certificate.  Greater  key 
length  usually  provides  a 
higher  security  level; 
however,  some  applications 
may  have  limitations 
regarding  the  key  length. 


Any  valid  key  length  that  is 
supported  by  the 
cryptographic  service 
provider. 


Determines  if  the  key  can  be  AT_NONE,  AT_SIGNATURE, 
used  for  signatures,  for  AT_KEYEXCHANGE 

Exchange  (encryption),  or  for 
both. 


KeyContainer  =  {C347BD28- 

7F69-4090-AA16- 

BC58CF4D749C} 


KeyLength  =  2048 


KeySpec  = 

AT_KEY  EXCHANGE 


KEY 


DEFINITION 


VALUE 


EXAMPLE 


KeyUsage 


Defines  what  the  certificate 
key  should  be  used  for. 


CERT_DIGITAL_SIGNATURE_K 
EY_ USAGE  -  80  (128) 

Tip:  The  values  shown  are 
hexadecimal  (decimal)  values 
for  each  bit  definition.  Older 
syntax  can  also  be  used:  a 
single  hexadecimal  value 
with  multiple  bits  set,  instead 
of  the  symbolic 
representation.  For  example, 
KeyUsage  =  OxaO. 
CERT.NON.  REPUDIATIONS 
EY_ USAGE  -  40  (64) 
CERT_KEY_ENCIPHERMENT_ 
KEY_USAGE  -  20  (32) 

CERT.  DATA.ENCIPHERM  ENT 
_KEY_USAGE  -  10  (16) 
CERT_KEY_AGREEMENT_KEY 
.USAGE  -  8 

CERT_KEY_CERT_SI  G  N_KEY_ 
USAGE  -  4 

CERT_OFFLINE_CRL_SIGN_KE 
Y_  USAGE  -  2 

C  ERT_CRL_SI  G  N_KEY_U  SAG  E 
-  2 

CERT_ENCIPHER_ONLY_KEY_ 
USAGE  -  1 

CERT_DECIPHER_ONLY_KEY_ 
USAGE  -  8000  (32768) 


KeyUsage  = 

"C  ERT.  D I G I  TAL.SI  G  N  ATU  RE. 
KEY. USAGE  | 

CERT.KEY.ENCIPHERMENT. 

KEY.USAGE" 

Tip:  Multiple  values  use  a 
pipe  (|)  symbol  separator. 
Ensure  that  you  use  double¬ 
quotes  when  using  multiple 
values  to  avoid  INF  parsing 
issues. 


KeyUsageProperty 

Retrieves  a  value  that 

NCRYPT.ALLOW.DECRYPT.F 

KeyUsageProperty  = 

identifies  the  specific 

LAG  -  1 

"NCRYPT.ALLOW.DECRYPT. 

purpose  for  which  a  private 

NCRYPT.ALLOW.SIGNING.F 

FLAG  | 

key  can  be  used. 

LAG  -  2 

NCRYPT.ALLOW.KEY.AGREE 
MENT.FLAG  -  4 

N  C  RY  PT_  A  L  LOW.  A  L  L_  U  SAG 
ES-ffffff  (16777215) 

NCRYPT.ALLOW.SIGNING.F 

LAG" 

KEY 


DEFINITION 


VALUE 


EXAMPLE 


MachineKeySet 


Not  Before 


NotAfter 


PrivateKeyArchive 


This  key  is  important  when  true,  false  MachineKeySet  =  true 

you  need  to  create  Tip:  The  default  is  false. 

certificates  that  are  owned 

by  the  machine  and  not  a 

user.  The  key  material  that  is 

generated  is  maintained  in 

the  security  context  of  the 

security  principal  (user  or 

computer  account)  that  has 

created  the  request.  When 

an  administrator  creates  a 

certificate  request  on  behalf 

of  a  computer,  the  key 

material  must  be  created  in 

the  machine's  security 

context  and  not  the 

administrator's  security 

context.  Otherwise,  the 

machine  could  not  access  its 

private  key  since  it  would  be 

in  the  administrator's 

security  context. 


Specifies  a  date  or  date  and 
time  before  which  the 
request  cannot  be  issued. 
NotBefore  can  be  used  with 
ValidityPeriod  and 

Validity  Periodllnits. 

date  or  date  and  time 

NotBefore  =  "7/24/2012 

10:31  AM" 

Tip:  NotBefore  and  NotAfter 
are  for  RequestType=cert 
only.Date  parsing  attempts 
to  be  locale-sensitive.Using 
month  names  will 
disambiguate  and  should 
work  in  every  locale. 

Specifies  a  date  or  date  and 

date  or  date  and  time 

NotAfter  =  "9/23/2014 

time  after  which  the  request 

10:31  AM" 

cannot  be  issued.  NotAfter 

Tip:  NotBefore  and  NotAfter 

cannot  be  used  with 

are  for  RequestType=cert 

ValidityPeriod  or 

only.Date  parsing  attempts 

Validity  Periodllnits. 

to  be  locale-sensitive.Using 
month  names  will 
disambiguate  and  should 
work  in  every  locale. 

The  PrivateKeyArchive  true,  false  PrivateKeyArchive  =  True 

setting  works  only  if  the 

corresponding  RequestType 

is  set  to  "CMC"  because  only 

the  Certificate  Management 

Messages  over  CMS  (CMC) 

request  format  allows  for 

securely  transferring  the 

requester's  private  key  to 

the  CA  for  key  archival. 


KEY 


DEFINITION 


VALUE 


EXAMPLE 


EncryptionAlgorithm 


EncryptionLength 


ProviderName 


ProviderType 


RenewalCert 


The  encryption  algorithm  to  Possible  options  vary,  EncryptionAlgorithm  =  3des 

use.  depending  on  the  operating 

system  version  and  the  set 
of  installed  cryptographic 
providers.  To  see  the  list  of 
available  algorithms,  run  the 
command 
certutil  -oid  2  | 
findstr  pwszCNGAlgid 

The  specified  CSP  used  must 
also  support  the  specified 
symmetric  encryption 
algorithm  and  length. 


Length  of  encryption  Any  length  allowed  by  the  EncryptionLength  =  128 

algorithm  to  use.  specified 

EncryptionAlgorithm. 


The  provider  name  is  the  If  you  do  not  know  the  ProviderName  =  "Microsoft 

display  name  of  the  CSP.  provider  name  of  the  CSP  RSA  SChannel  Cryptographic 

you  are  using,  run  certutil  -  Provider" 
csplist  from  a  command  line. 

The  command  will  display 
the  names  of  all  CSPs  that 
are  available  on  the  local 
system 


The  provider  type  is  used  to 
select  specific  providers 
based  on  specific  algorithm 
capability  such  as  "RSA  Full". 


If  you  do  not  know  the  ProviderType  =  1 

provider  type  of  the  CSP  you 

are  using,  run  certutil  - 

csplist  from  a  command-line 

prompt.  The  command  will 

display  the  provider  type  of 

all  CSPs  that  are  available  on 

the  local  system. 


If  you  need  to  renew  a 
certificate  that  exists  on  the 
system  where  the  certificate 
request  is  generated,  you 
must  specify  its  certificate 
hash  as  the  value  for  this 
key. 


The  certificate  hash  of  any 
certificate  that  is  available  at 
the  computer  where  the 
certificate  request  is  created. 
If  you  do  not  know  the 
certificate  hash,  use  the 
Certificates  MMC  Snap-In 
and  look  at  the  certificate 
that  should  be  renewed. 
Open  the  certificate 
properties  and  see  the 
"Thumbprint"  attribute  of 
the  certificate.  Certificate 
renewal  requires  either  a 
PKCS#7  or  a  CMC  request 
format. 


RenewalCert  = 
4EDF274BD291 9C6E9EC6A 
522F0F3B1  53E9B1 582D 


KEY 


DEFINITION 


VALUE 


EXAMPLE 


RequesterName 
Note:  This  makes  the 
request  to  enroll  on  behalf 
of  another  user  request.The 
request  must  also  be  signed 
with  an  Enrollment  Agent 
certificate,  or  the  CA  will 
reject  the  request.  Use  the  - 
cert  option  to  specify  the 
enrollment  agent  certificate. 


RequestType 


SecurityDescriptor 
Tip:  This  is  relevant  only  for 
machine  context  non-smart 
card  keys. 


AlternateSignatureAlgorithm 


Silent 


The  requester  name  can  be  Domain\User 

specified  for  certificate 

requests  if  the  RequestType 

is  set  to  PKCS#7  or  CMC.  If 

the  RequestType  is  set  to 

PKCS#10,  this  key  will  be 

ignored.  The  Requestername 

can  only  be  set  as  part  of 

the  request.  You  cannot 

manipulate  the 

Requestername  in  a  pending 

request. 


Determines  the  standard 
that  is  used  to  generate  and 
send  the  certificate  request. 


PKCS10  -  1 
PKCS7  -  2 
CMC  -  3 
Cert  --  4 

Tip:  This  option  indicates  a 
self-signed  or  self-issued 
certificate.  It  does  not 
generate  a  request,  but 
rather  a  new  certificate  and 
then  installs  the 
certificate.Self-signed  is  the 
default. Specify  a  signing  cert 
by  using  the  -cert  option  to 
create  a  self- issued  certificate 
that  is  not  self-signed. 


Contain  the  security  Strings  based  on  security 

information  associated  with  descriptor  definition 

securable  objects.  For  most  language. 

securable  objects,  you  can 

specify  an  object's  security 

descriptor  in  the  function  call 

that  creates  the  object. 


Specifies  and  retrieves  a  true,  false 

Boolean  value  that  indicates 

whether  the  signature 

algorithm  object  identifier 

(OID)  for  a  PKCS#10  request 

or  certificate  signature  is 

discrete  or  combined. 


By  default,  this  option  allows  true,  false 

the  CSP  access  to  the 

interactive  user  desktop  and 

request  information  such  as 

a  smart  card  PIN  from  the 

user.  If  this  key  is  set  to 

TRUE,  the  CSP  must  not 

interact  with  the  desktop 

and  will  be  blocked  from 

displaying  any  user  interface 

to  the  user. 


Requestername  = 
"Contoso\BSmith" 


RequestType  =  CMC 


SecurityDescriptor  = 
"D:P(A;;GA;;;SY)(A;;GA;;;BA)" 


AlternateSignatureAlgorithm 
=  false 

Tip:  For  an  RSA  signature, 
false  indicates  a  Pkcsl  vl.5. 
True  indicates  a  v2.1 
signature. 


Silent  =  true 


KEY 


DEFINITION 


VALUE 


EXAMPLE 


SMIME  If  this  parameter  is  set  to  true,  false  SMIME  =  true 

TRUE,  an  extension  with  the 
object  identifier  value 
1.2.840.113549.1.9.15  is 
added  to  the  request.  The 
number  of  object  identifiers 
depends  on  the  on  the 
operating  system  version 
installed  and  CSP  capability, 
which  refer  to  symmetric 
encryption  algorithms  that 
may  be  used  by  Secure 
Multipurpose  Internet  Mail 
Extensions  (S/MIME) 
applications  such  as 
Outlook. 


UseExistingKeySet  This  parameter  is  used  to  true,  false  UseExisting KeySet  =  true 

specify  that  an  existing  key 
pair  should  be  used  in 
building  a  certificate  request. 

If  this  key  is  set  to  TRUE,  you 
must  also  specify  a  value  for 
the  RenewalCert  key  or  the 
KeyContainer  name.  You 
must  not  set  the  Exportable 
key  because  you  cannot 
change  the  properties  of  an 
existing  key.  In  this  case,  no 
key  material  is  generated 
when  the  certificate  request 
is  built. 


KeyProtection 

Specifies  a  value  that 
indicates  how  a  private  key 
is  protected  before  use. 

XCN_NCRYPT_UI_NO_PROTC 
TION_FLAG  -  0 
XCN_NCRYPT_UI_PROTECT_ 
KEY_FLAG  -  1 
XCN_NCRYPT_UI_FORCE_HI 
GH_PROTECTION_FLAG  -  2 

KeyProtection  = 

NCRYPT_Ui_FORCE_HIGH_P 

ROTECTION_FLAG 

Suppress  Defaults 

Specifies  a  Boolean  value 
that  indicates  whether  the 

default  extensions  and 

attributes  are  included  in  the 
request.  The  defaults  are 
represented  by  their  object 
identifiers  (OIDs). 

true,  false 

SuppressDefaults  =  true 

FriendlyName 

A  friendly  name  for  the  new 
certificate. 

Text 

FriendlyName  =  "Serverl " 

Validity  PeriodUnits 

Note:  This  is  used  only  when 
the  request  type=cert. 

Specifies  a  number  of  units 
that  is  to  be  used  with 

Validity  Period. 

Numeric 

ValidityPeriodUnits  =  3 

Validity  Period 

Note:  This  is  used  only  when 
the  request  type=cert. 

VValidityPeriod  must  be  an 

US  English  plural  time 
period. 

Years,  Months,  Weeks,  Days, 
Flours,  Minutes,  Seconds 

ValidityPeriod  =  Years 

Return  to  Contents 


[Extensions] 

This  section  is  optional. 


EXTENSION  OID 

DEFINITION 

VALUE 

EXAMPLE 

2.5.29.17 

2.5.29.17  =  "{text}" 

continue 

continue  = 

"UPN=User@Domain.com&" 

continue 

continue  = 

"EMail=User@Domain.com& 

continue 

continue  = 

"DNS=  host.domain.com&" 

continue 

continue  = 

"DirectoryName=CN=Name, 
DC=  Domain, DC=com&" 

continue 

continue  = 

"URL=  http://host.domain.co 
m/default.html&" 

continue 

continue  = 

"IPAddress=1 0.0.0. 1&" 

continue 

continue  = 

"Registeredld=  1 ,2.3.4.5&" 

continue 

continue  =  "1.2.3.4.6.1  = 
{utf8}String&" 

continue 

continue  =  "1. 2.3.4. 6. 2  = 

{octet}  AAECAwQ  F  Bgc=  &" 

continue 

continue  =  "1. 2.3.4. 6. 2  = 

{octet}{hex}00  01  02  03  04 

05  06  07&" 

continue 

continue  =  "1.2.3.4.6.3  = 
{asn}BAgAAQIDBAUGBw=  = 

&" 

continue 

continue  =  "1. 2.3.4. 6. 3  = 

{hex}04  08  00  01  02  03  04 

05  06  07" 

2.5.29.37 

2. 5.29. 37  =  "{text}" 

continue 

continue  =  "1.3.6. 1.5. 5.7. 

continue 

continue  =  "1.3.6. 1.5. 5.7. 3.1" 

EXTENSION  OID 

DEFINITION 

VALUE 

EXAMPLE 

2.5.29.19 

"{text}ca= 0pathlength= 3 " 

Critical 

Critical=2.5.29.19 

KeySpec 

AT.NONE  -  0 

AT.SIG NATURE  -  2 

AT.KEY EXCHANGE  -  1 

FtequestType 

PKCS10  -  1 

PKCS7  -  2 

CMC  -  3 

Cert  —  4 

KeyUsage 

C  E  RT_D  1 G 1  TAL.SI  G  NATU  RE. 

EY_ USAGE  -  80  (128) 
CERT_NON_REPUDIATION_K 
EY_ USAGE  -  40  (64) 
CERT_KEY_ENCI  PH  ERM  ENT_ 
KEY_ USAGE  -  20  (32) 
CERT_DATA_ENCIPHERMENT 
_KEY_USAGE  -  10  (16) 
CERT_KEY_AGREEMENT_KEY 
.USAGE  -  8 

C  E  RT_KEY_C  ERT.SIG  N_KEY_ 
USAGE  -  4 

CERT_OFFLINE_CRL_SIGN_KE 
Y_  USAGE  -  2 

C  E  RT_C  RL.S1G  N_KEY_U  SAG  E 
-  2 

CERT_ENCIPHER_ONLY_KEY_ 
USAGE  -  1 

CERT_DECIPHER_ONLY_KEY_ 
USAGE  -  8000  (32768) 

KeyUsageProperty  NCRYPT_ALLOW_DECRYPT_F 

LAG  -  1 

NCRYPT_ALLOW_SIGNING_F 
LAG  -  2 

NCRYPT_ALLOW_KEY_AGREE 
MENT.FLAG  -  4 
NC  RYPT_ALLOW_ALL_U  SAG 
ES-ffffff  (167772 15) 

KeyProtection  NCRYPT_Ui_NO_PROTECTIO 

N.FLAG  -  0 

NCRYPT_Ui_PROTECT_KEY_F 
LAG  -  1 

NC  RYPT.U  i_FO  RC  E_HIGH_P 
ROTECTION.FLAG  -  2 


EXTENSION  OID 


DEFINITION 


VALUE 


EXAMPLE 


SubjectNameFlags 


template  CT_FLAG_SU  BJ  ECT_REQU  I  RE 

_COMMON_NAME  - 
40000000  (1073741824) 
CT_FLAG_SU  BJ  ECT_REQU  I  RE 
.DIRECTORY, PATH  - 
80000000  (2147483648) 
CT_FLAG_SU  BJ  ECT.REQU  I  RE 
_DNS_AS_CN  -  10000000 
(268435456) 

CT_FLAG_SU  BJ  ECT.REQU  I  RE 
.EMAIL  -  20000000 
(536870912) 

CT.FLAG.OLD.CERT.SUPPLI 
ES.SU  BJ  ECT.AND.ALT_  NAM 
E  -  8 

CT.FLAG.SU  BJECT.ALT.REQ 
UIRE.DIRECTORY.GUID  - 
1000000  (16777216) 
CT.FLAG.SU  BJECT.ALT.REQ 
UIRE.DNS-  8000000 
(134217728) 

CT.FLAG.SU  BJECT.ALT.REQ 
UIRE.DOMAIN.DNS  - 
400000  (4194304) 
CT.FLAG.SU  BJECT.ALT.REQ 
UIRE.EMAIL  -  4000000 
(67108864) 

CT.FLAG.SU  BJ  ECT.ALT.REQ 
UIRE.SPN  -  800000 
(8388608) 

CT.FLAG.SU  BJECT.ALT.REQ 
UIRE.UPN  -  2000000 
(33554432) 


EXTENSION  OID 


DEFINITION 


VALUE 


EXAMPLE 


X500NameFlags  CERT_NAME_STR_NONE  -  0 

CERT_OID_NAME_STR  —  2 
CERT_X500_NAME_STR  —  3 
CERT_NAME_STR_SEMICOLO 
N_FLAG  -  40000000 
(1073741824) 

CERT_NAME_STR_NO_PLUS_ 
FLAG  -  20000000 
(536870912) 

CERT_NAME_STR_NO_QUOT 
ING_FLAG  -  10000000 
(268435456) 

CERT_NAME_STR_CRLF_FLA 
G  -  8000000  (134217728) 
CERT_NAME_STR_COMMA_F 
LAG  -  4000000 
(67108864) 

CERT_NAME_STR_REVERSE_F 
LAG  -  2000000 
(33554432) 

CERT_NAME_STR_FORWARD 
_FLAG  -  1000000 
(16777216) 

CERT_NAME_STR_DISABLE_I 
E4_UTF8_FLAG  -  10000 
(65536) 

CERT_NAME_STR_ENABLE_T 
61_UNICODE_FLAG  - 
20000  (131072) 
CERT_NAME_STR_ENABLE_U 
TF8_UN1CODE_FLAG  - 
40000  (262144) 
CERT_NAME_STR_FORCE_UT 
F8_DIR_STR_FLAG  -  80000 
(524288) 

CERT_NAME_STR_DISABLE_U 
TF8_DIR_STR_FLAG  - 
100000  (1048576) 
CERT_NAME_STR_ENABLE_P 
UNYCODE_FLAG  -  200000 
(2097152) 
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NOTE 

SubjectNameFlags  allows  the  INF  file  to  specify  which  Subject  and  SubjectAltName  extension  fields  should  be  auto-populated 
by  certreq  based  on  the  current  user  or  current  machine  properties:  DNS  name,  UPN,  and  so  on.  Using  the  literal  "template" 
means  the  template  name  flags  are  used  instead.  This  allows  a  single  INF  file  to  be  used  in  multiple  contexts  to  generate 
requests  with  context-specific  subject  information. 

X500NameFlags  specifies  the  flags  to  be  passed  directly  to  CertStrToName  API  when  the  Subject  INF  keys  value  is  converted 
to  an  ASN.1  encoded  Distinguished  Name. 


To  request  a  certificate  based  using  certreq  -new  use  the  steps  from  the  example  below: 


WARNING 

The  content  for  this  topic  is  based  on  the  default  settings  for  Windows  Server  2008  AD  CS;  for  example,  setting  the  key 
length  to  2048,  selecting  Microsoft  Software  Key  Storage  Provider  as  the  CSP  and  using  Secure  Hash  Algorithm  1  (SHA1). 
Evaluate  these  selections  against  the  requirements  of  your  company's  security  policy. 


To  create  a  Policy  File  (.inf)  copy  and  save  the  example  below  in  Notepad  and  save  as  RequestConfig.inf: 

[NewRequest] 

Subject  =  "CN=<FQDN  of  computer  you  are  creating  the  certificate:*" 

Exportable  =  TRUE 
KeyLength  =  2048 
KeySpec  =  1 
KeyUsage  =  0xf0 
MachineKeySet  =  TRUE 
[Request Attributes] 

CertificateTemplate=" Webserver" 

[Extensions] 

OID  =  1.3.6. 1.5. 5. 7. 3.1 
OID  =  1.3. 6. 1.5. 5. 7. 3. 2 


On  the  computer  for  which  you  are  requesting  a  certificate  type  the  command  below: 


CertReq  -New  RequestConfig.inf  CertRequest. req 


The  following  example  demonstrates  implementing  the  [Strings]  section  syntax  for  OIDs  and  other  difficult  to 
interpret  data.  The  new  {text}  syntax  example  for  EKU  extension,  which  uses  a  comma  separated  list  of  OIDs: 


[Version] 

Signature="$Windows  NT$ 

[Strings] 

szOID_ENHANCED_KEY_USAGE  =  "2.5.29.37" 
szOID_PKIX_KP_SERVER_AUTH  =  "1 . 3 . 6 . 1 . 5 . 5 . 7. 3 . 1" 
szOID_PKIX_KP_CLIENT_AUTH  =  "1 . 3 . 6 . 1 . 5 . 5 . 7. 3 . 2" 

[NewRequest] 

Subject  =  "CN=TestSelfSignedCert" 

Requesttype  =  Cert 

[Extensions] 

%szOID_ENHANCED_KEY_USAGE%="{text}%szOID_PKIX_KP_SERVER_AUTH%J" 
continue  =  "%szOID  PKIX  KP  CLIENT  AUTH%" 


Return  to  Contents 

Certreq  -accept 

CertReq  -accept  [Options]  [CertChainFileln  |  FullResponseFileln  |  CertFileln] 


The  -accept  parameter  links  the  previously  generated  private  key  with  the  issued  certificate  and  removes  the 
pending  certificate  request  from  the  system  where  the  certificate  is  requested  (if  there  is  a  matching  request). 

You  can  use  this  example  for  manually  accepting  a  certificate: 


certreq  -accept  certnew.cer 


WARNING 

The  -accept  verb,  the  -user  and  -machine  options  indicate  whether  the  cert  being  installed  should  be  installed  in  user  or 
machine  context.  If  there's  an  outstanding  request  in  either  context  that  matches  the  public  key  being  installed,  then  these 
options  are  not  needed.  If  there  is  no  outstanding  request,  then  one  of  these  must  be  specified. 
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Certreq  -policy 

certreq  -policy  [-attrib  Attributestring]  [-binary]  [-cert  CertID]  [RequestFileln  [PolicyFileln  [RequestFileOut 
[PKCS10FileOut] ] ] ] 

•  The  configuration  file  that  defines  the  constraints  that  are  applied  to  a  CA  certificate  when  qualified 
subordination  is  defined  is  called  Policy.inf.. 

•  You  can  find  an  example  of  the  Policy.inf  file  in  the  Appendix  A  of  Planning  and  Implementing  Cross- 
Certification  and  Qualified  Subordination  white  paper. 

•  If  you  type  the  certreq  -policy  without  any  additional  parameter  it  will  open  a  dialog  window  so  you  can  select 
the  requested  fie  (req,  cmc,  txt,  der,  cer  or  crt).  Once  you  select  the  requested  file  and  click  Open  button,  another 
dialog  window  will  open  in  order  to  select  the  INF  file. 

You  can  use  this  example  to  build  a  cross  certificate  request: 
certreq  -policy  Certsrv.req  Policy.inf  newcertsrv. req 
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Certreq  -sign 

certreq  -sign  [Options]  [RequestFileln  [RequestFileOut]] 

•  If  you  type  the  certreq  -sign  without  any  additional  parameter  it  will  open  a  dialog  window  so  you  can  select  the 
requested  file  (req,  cmc,  txt,  der,  cer  or  crt). 

•  Signing  the  qualified  subordination  request  may  require  Enterprise  Administrator  credentials.  This  is  a  best 
practice  for  issuing  signing  certificates  for  qualified  subordination. 

•  The  certificate  used  to  sign  the  qualified  subordination  request  is  created  using  the  qualified  subordination 
template.  Enterprise  Admins  will  have  to  sign  the  request  or  grant  user  permissions  for  the  individuals  that  will 
sign  the  certificate. 

•  When  you  sign  the  CMC  request,  you  may  need  to  have  multiple  personnel  sign  this  request,  depending  on  the 
assurance  level  that  is  associated  with  the  qualified  subordination. 

•  If  the  parent  CA  of  the  qualified  subordinate  CA  you  are  installing  is  offline,  you  must  obtain  the  CA  certificate 
for  the  qualified  subordinate  CA  from  the  offline  parent.  If  the  parent  CA  is  online,  specify  the  CA  certificate  for 
the  qualified  subordinate  CA  during  the  Certificate  Services  Installation  Wizard. 

The  sequence  of  commands  below  will  show  how  to  create  a  new  certificate  request,  sign  it  and  submit  it: 


certreq  -new  policyfile.inf  MyRequest.req 
certreq  -sign  MyRequest.req  MyRequest_Sign . req 
certreq  -submit  MyRequest_Sign . req  MyRequest_cert.cer 
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Certreq  -enroll 

To  enroll  to  a  certificate 


certreq  -enroll  [Options]  TemplateName 


To  renew  an  existing  certificate 


certreq  -enroll  -cert  Certld  [Options]  Renew  [ReuseKeys] 


You  can  only  renew  certificates  that  are  time  valid.  Expired  certificates  cannot  be  renewed  and  must  be  replaced 
with  a  new  certificate. 

Here  an  example  of  renewing  a  certificate  using  its  serial  number: 

certreq  -enroll  -machine  -cert  "61  2d  3c  fe  00  00  00  00  00  05"  Renew 


Here  an  example  of  enrolling  to  a  certificate  template  called  Webserver  by  using  asterisk  (*)  to  select  the  policy 
server  via  U/l: 


certreq  -enroll  -machine  -policyserver  *  "Webserver" 
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Options 

OPTIONS  DESCRIPTION 


-any 


Force  ICertRequest::Submit  to  determine  encoding  type. 


-attrib  <AttributeString>  Specifies  the  Name  and  Value  string  pairs,  separated  by  a 

colon. 

Separate  Name  and  Value  string  pairs  with  \n  (for  example, 
Name1:Value1\nName2:Value2). 


-binary 


Formats  output  files  as  binary  instead  of  base64-encoded. 


-PolicyServer  <PolicyServer>  "Idap:  <path>" 

Insert  the  URI  or  unique  ID  for  a  computer  running  the 
Certificate  Enrollment  Policy  Web  Service. 

To  specify  that  you  would  like  to  use  a  request  file  by 
browsing,  just  use  a  minus  (-)  sign  for  <policyserver>. 


OPTIONS 


DESCRIPTION 


config  <ConfigString> 

Processes  the  operation  by  using  the  CA  specified  in  the 
configuration  string,  which  is  CAHostName\CAName.  For  an 
https  connection,  specify  the  enrollment  server  URI.  For  the 
local  machine  store  CA,  use  a  minus  (-)  sign. 

Anonymous 

Use  anonymous  credentials  for  Certificate  Enrollment  Web 
Services. 

Kerberos 

Use  Kerberos  (domain)  credentials  for  Certificate  Enrollment 

Web  Services. 

ClientCertificate  <  ClientCertld> 

You  can  replace  the  <CiientCertlD>  with  a  certificate 
thumbprint,  CN,  EKU,  template,  email,  UPN,  and  the  new 
name=value  syntax. 

UserName  <UserName> 

Used  with  Certificate  Enrollment  Web  Services.  You  can 
substitute  <UserName>  with  the  SAM  name  or  domain\user. 
This  option  is  for  use  with  the  -p  option. 

p  <  Password > 

Used  with  Certificate  Enrollment  Web  Services.  Substitute 
<Password>  with  the  actual  user's  password.  This  option  is  for 
use  with  the  -  UserName  option. 

user 

Configures  the  -user  context  for  a  new  certificate  request  or 
specifies  the  context  for  an  a  certificate  acceptance.  This  is  the 
default  context,  if  none  is  specified  in  the  INF  or  template. 

machine 

Configures  a  new  certificate  request  or  specifies  the  context 
for  an  a  certificate  acceptance  for  the  machine  context.  For 
new  requests  it  must  be  consistent  with  the  MachineKeyset 

INF  key  and  the  template  context.  If  this  option  is  not  specified 
and  the  template  does  not  set  a  context,  then  the  default  is 
the  user  context. 

crl 

Includes  certificate  revocation  lists  (CRLs)  in  the  output  to  the 
base64-encoded  PKCS#7  file  specified  by  CertChainFileOut  or 
to  the  base64-encoded  file  specified  by  RequestFileOut. 

rpc 

Instructs  Active  Directory  Certificate  Services  (AD  CS)  to  use  a 
remote  procedure  call  (RPC)  server  connection  instead  of 
Distributed  COM. 

AdminForceMachine 

Use  the  Key  Service  or  impersonation  to  submit  the  request 
from  Local  System  context.  Requires  that  the  user  invoking 
this  option  be  a  member  of  Local  Administrators. 

RenewOnBehalfOf 

Submit  a  renewal  on  behalf  of  the  subject  identified  in  the 
signing  certificate.  This  sets  CR_IN_ROBO  when  calling 

ICertRequest::Submit 

f 

Force  existing  files  to  be  overwritten.  This  also  bypasses 
caching  templates  and  policy. 

q 

Use  silent  mode;  suppress  all  interactive  prompts. 

OPTIONS 


DESCRIPTION 


-Unicode 

Writes  Unicode  output  when  standard  output  is  redirected  or 
piped  to  another  command,  which  helps  when  invoked  from 
Windows  PowerShell®  scripts). 

-UnicodeText 

Sends  Unicode  output  when  writing  base64  text  encoded  data 
blobs  to  files. 
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Formats 

FORMATS 

DESCRIPTION 

RequestFilel  n 

Base64-encoded  or  binary  input  file  name:  PKCS  #10 
certificate  request,  CMS  certificate  request,  PKCS  #7  certificate 
renewal  request,  X.509  certificate  to  be  cross-certified,  or 

KeyGen  tag  format  certificate  request. 

RequestFileOut 

Base64-encoded  output  file  name 

CertFileOut 

Base64-encoded  X-509  file  name. 

PKCS1  OFileOut 

For  use  with  the  Certreq  -policy  verb  only.  Base64-encoded 
PKCS10  output  file  name. 

CertChainFileOut 

Base64-encoded  PKCS  #7  file  name. 

FullResponseFileOut 

Base64-encoded  full  response  file  name. 

PolicyFileln 


For  use  with  the  Certreq  -policy  verb  only.  INF  file  containing  a 
textual  representation  of  extensions  used  to  qualify  a  request. 


Additional  certreq  examples 

The  following  articles  contain  examples  of  certreq  usage: 

•  How  to  Request  a  Certificate  With  a  Custom  Subject  Alternative  Name 

•  Test  Lab  Guide:  Deploying  an  AD  CS  Two-Tier  PKI  Hierarchy 

•  Appendix  3:  Certreq.exe  Syntax 

•  How  to  create  a  web  server  SSL  certificate  manually 

•  Request  an  AMT  Provisioning  Certificate  Using  a  Windows  Server  2008  CA 

•  Certificate  Enrollment  for  System  Center  Operations  Manager  Agent 

•  AD  CS  Step  by  Step  Guide:  Two  Tier  PKI  Hierarchy  Deployment 

•  How  to  enable  LDAP  over  SSL  with  a  third-party  certification  authority 
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cert  util 

4/1 3/2018  •  36  min  to  read  •  Edit  Online 


Certutil.exe  is  a  command-line  program  that  is  installed  as  part  of  Certificate  Services.  You  can  use  Certutil.exe  to 
dump  and  display  certification  authority  (CA)  configuration  information,  configure  Certificate  Services,  backup  and 
restore  CA  components,  and  verify  certificates,  key  pairs,  and  certificate  chains. 

When  certutil  is  run  on  a  certification  authority  without  additional  parameters,  it  displays  the  current  certification 
authority  configuration.  When  cerutil  is  run  on  a  non-certification  authority,  the  command  defaults  to  running  the 
certutil  -dump  verb. 


WARNING 

Earlier  versions  of  certutil  may  not  provide  all  of  the  options  that  are  described  in  this  document.  You  can  see  all  the  options 
that  a  specific  version  of  certutil  provides  by  running  the  commands  shown  in  the  Syntax  notations  section. 


Menu 

The  major  sections  in  this  document  are: 

•  Verbs 

•  Syntax  notations 

•  Options 

•  Additional  certutil  examples 

Verbs 


The  following  table  describes  the  verbs  that  can  be  used  with  the  certutil  command. 

VERBS  DESCRIPTION 


-dump 

Dump  configuration  information  or  files 

-asn 

Parse  ASN.1  file 

-decodehex-decodehex 

Decode  hexadecimal-encoded  file 

-decode 

Decode  a  Base64-encoded  file 

-encode 

Encode  a  file  to  Base64 

-deny 

Deny  a  pending  certificate  request 

-resubmit 

Resubmit  a  pending  certificate  request 

-setattributes 

Set  attributes  for  a  pending  certificate  request 

-setextension 

Set  an  extension  for  a  pending  certificate  request 

VERBS 


DESCRIPTION 


revoke 

Revoke  a  certificate 

isvalid 

Display  the  disposition  of  the  current  certificate 

getconfig 

Get  the  default  configuration  string 

ping 

Attempt  to  contact  the  Active  Directory  Certificate  Services 
Request  interface 

pingadmin 

Attempt  to  contact  the  Active  Directory  Certificate  Services 
Admin  interface 

CAInfo 

Display  information  about  the  certification  authority 

ca.cert 

Retrieve  the  certificate  for  the  certification  authority 

ca. chain 

Retrieve  the  certificate  chain  for  the  certification  authority 

GetCRL 

Get  a  certificate  revocation  list  (CRL) 

CRL 

Publish  new  certificate  revocation  lists  (CRLs)  [or  only  delta 
CRLs] 

shutdown 

Shutdown  Active  Directory  Certificate  Services 

installCert 

Install  a  certification  authority  certificate 

renewCert 

Renew  a  certification  authority  certificate 

schema 

Dump  the  schema  for  the  certificate 

view 

Dump  the  certificate  view 

db 

Dump  the  raw  database 

deleterow 

Delete  a  row  from  the  server  database 

backup 

Backup  Active  Directory  Certificate  Services 

backupDB 

Backup  the  Active  Directory  Certificate  Services  database 

backupKey 

Backup  the  Active  Directory  Certificate  Services  certificate  and 
private  key 

restore 

Restore  Active  Directory  Certificate  Services 

restoreDB 

Restore  the  Active  Directory  Certificate  Services  database 

restoreKey 

Restore  the  Active  Directory  Certificate  Services  certificate  and 
private  key 

VERBS 


DESCRIPTION 


importPFX 

Import  certificate  and  private  key 

dynamicfilelist 

Display  a  dynamic  file  list 

databaselocations 

Display  database  locations 

hashfile 

Generate  and  display  a  cryptographic  hash  over  a  file 

store 

Dump  the  certificate  store 

addstore 

Add  a  certificate  to  the  store 

delstore 

Delete  a  certificate  from  the  store 

verifystore 

Verify  a  certificate  in  the  store 

repairstore 

Repair  a  key  association  or  update  certificate  properties  or  the 
key  security  descriptor 

viewstore 

Dump  the  certificates  store 

viewdelstore 

Delete  a  certificate  from  the  store 

dsPublish 

Publish  a  certificate  or  certificate  revocation  list  (CRL)  to  Active 
Directory 

ADTemplate 

Display  AD  templates 

Template 

Display  certificate  templates 

TemplateCAs 

Display  the  certification  authorities  (CAs)  for  a  certificate 
template 

CATemplates 

Display  templates  for  CA 

SetCASites 

Manage  Site  Names  for  CAs 

enrollmentServerURL 

Display,  add  or  delete  enrollment  server  URLs  associated  with 
a  CA 

ADCA 

Display  AD  CAs 

CA 

Display  Enrollment  Policy  CAs 

Policy 

Display  Enrollment  Policy 

PolicyCache 

Display  or  delete  Enrollment  Policy  Cache  entries 

CredStore 

Display,  add  or  delete  Credential  Store  entries 

InstallDefault  Templates 

Install  default  certificate  templates 

VERBS 


DESCRIPTION 


URLCache 

Display  or  delete  URL  cache  entries 

pulse 

Pulse  auto  enrollment  events 

Machinelnfo 

Display  information  about  the  Active  Directory  machine  object 

DC  info 

Display  information  about  the  domain  controller 

Entlnfo 

Display  information  about  an  enterprise  CA 

TCAInfo 

Display  information  about  the  CA 

SC  Info 

Display  information  about  the  smart  card 

SC  Roots 

Manage  smart  card  root  certificates 

verifykeys 

Verify  a  public  or  private  key  set 

verify 

Verify  a  certificate,  certificate  revocation  list  (CRL),  or  certificate 
chain 

verifyCTL 

Verify  AuthRoot  or  Disallowed  Certificates  CTL 

sign 

Re-sign  a  certificate  revocation  list  (CRL)  or  certificate 

vroot 

Create  or  delete  web  virtual  roots  and  file  shares 

vocsproot 

Create  or  delete  web  virtual  roots  for  an  OCSP  web  proxy 

addEnrollmentServer 

Add  an  Enrollment  Server  application 

deleteEnrollmentServer 

Delete  an  Enrollment  Server  application 

addPolicyServer 

Add  a  Policy  Server  application 

deletePolicyServer 

Delete  a  Policy  Server  application 

oid 

Display  the  object  identifier  or  set  a  display  name 

error 

Display  the  message  text  associated  with  an  error  code 

getreg 

Display  a  registry  value 

setreg 

Set  a  registry  value 

delreg 

Delete  a  registry  value 

ImportKMS 

Import  user  keys  and  certificates  into  the  server  database  for 
key  archival 

VERBS 


DESCRIPTION 


-ImportCert 

Import  a  certificate  file  into  the  database 

-Get  Key 

Retrieve  an  archived  private  key  recovery  blob 

-RecoverKey 

Recover  an  archived  private  key 

-MergePFX 

Merge  PFX  files 

-ConvertEPF 

Convert  a  PFX  file  into  an  EPF  file 

-? 

Displays  the  list  of  verbs 

-<verb>  -? 

Displays  help  for  the  verb  specified. 

-?-v 

Displays  a  full  list  of  verbs  and 
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Syntax  notations 

•  For  basic  command  line  syntax,  run  certutii 

.  ? 

•  For  the  syntax  on  using  certutii  with  a  specific  verb,  run  certutii  <verb>  -? 

•  To  send  all  of  the  certutii  syntax  into  a  text  file,  run  the  following  commands: 

o  certutii  -v  -?  >  certutilhelp.txt 

o  notepad  certutilhelp.txt 

The  following  table  describes  the  notation  used  to  indicate  command-line  syntax. 

NOTATION 

DESCRIPTION 

Text  without  brackets  or  braces 

Items  you  must  type  as  shown 

<Text  inside  angle  brackets> 

Placeholder  for  which  you  must  supply  a  value 

[Text  inside  square  brackets] 

Optional  items 

{Text  inside  braces} 

Set  of  required  items;  choose  one 

Vertical  bar  (  ) 

Ellipsis  (...) 

Items  that  can  be  repeated 
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-dump 

CertUtil  [Options]  [-dump] 

CertUtil  [Options]  [-dump]  File 
Dump  configuration  information  or  files 


[-f]  [-silent]  [-split]  [-p  Password]  [-t  Timeout] 
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-asn 

CertUtil  [Options]  -asn  File  [type] 

Parse  ASN.1  file 

type:  numeric  CRYPT_STRING_*  decoding  type 
Return  to  Menu 

-decodehex 

CertUtil  [Options]  -decodehex  InFile  OutFile  [type] 
type:  numeric  CRYPT_STRING_*  encoding  type 

[-f] 

Return  to  Menu 

-decode 

CertUtil  [Options]  -decode  InFile  OutFile 

Decode  Base64-encoded  file 

[-f] 
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-encode 

CertUtil  [Options]  -encode  InFile  OutFile 
Encode  file  to  Base64 
[-f]  [-UnicodeText] 
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-deny 

CertUtil  [Options]  -deny  Requestld 
Deny  pending  request 
[-config  Machine\CAName] 
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-resubmit 

CertUtil  [Options]  -resubmit  Requestld 
Resubmit  pending  request 
[-config  Machine\CAName] 
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-setattributes 

CertUtil  [Options]  -setattributes  Requestld  Attributestring 
Set  attributes  for  pending  request 
Requestld  —  numeric  Request  Id  of  pending  request 
Attributestring  —  Request  Attribute  name  and  value  pairs 

•  Names  and  values  are  colon  separated. 

•  Multiple  name,  value  pairs  are  newline  separated. 

•  Example:  "CertificateTemplate:User\nEMail:User@Domain.com" 

•  Each  "\n"  sequence  is  converted  to  a  newline  separator. 

[-config  Machine\CAName] 
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-setextension 

CertUtil  [Options]  -setextension  Requestld  ExtensionName  Flags  {Long  |  Date  |  String  |  @lnFile} 

Set  extension  for  pending  request 

Requestld  —  numeric  Request  Id  of  a  pending  request 

ExtensionName  —  Objectld  string  of  the  extension 

Flags  —  0  is  recommended.  1  makes  the  extension  critical,  2  disables  it,  3  does  both. 

If  the  last  parameter  is  numeric,  it  is  taken  as  a  Long. 

If  it  can  be  parsed  as  a  date,  it  is  taken  as  a  Date. 

If  it  starts  with  the  rest  of  the  token  is  the  filename  containing  binary  data  or  an  ascii-text  hex  dump. 
Anything  else  is  taken  as  a  String. 

[-config  Machine\CAName] 
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-revoke 

CertUtil  [Options]  -revoke  SerialNumber  [Reason] 

Revoke  Certificate 

SerialNumber:  Comma  separated  list  of  certificate  serial  numbers  to  revoke 
Reason:  numeric  or  symbolic  revocation  reason 

•  0:  CRL_REASON_UN SPECIFIED:  Unspecified  (default) 

•  1:  CRL_REASON_KEY_COM PROMISE:  Key  Compromise 

•  2:  CRL_REASON_CA_COM PROMISE:  CA  Compromise 

•  3:  CRL_REASON_AFFILIATION_CHANGED:  Affiliation  Changed 

•  4:  CRL_REASON_SUPERSEDED:  Superseded 


•  5:  CRL_REASON_CESSATION_OF_OPERATION:  Cessation  of  Operation 

•  6:  CRL_REASON_CERTIFICATE_HOLD:  Certificate  Hold 

•  8:  CRL_REASON_REMOVE_FROM_CRL:  Remove  From  CRL 

•  -1:  Unrevoke:  Unrevoke 

[-config  Machine\CAName] 
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-isvalid 

CertUtil  [Options]  -isvalid  SerialNumber  |  CertHash 
Display  current  certificate  disposition 
[-config  Machine\CAName] 
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-getconfig 

CertUtil  [Options]  -getconfig 
Get  default  configuration  string 
[-config  Machine\CAName] 
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-ping 

CertUtil  [Options]  -ping  [MaxSecondsToWait  |  CAMachineList] 

Ping  Active  Directory  Certificate  Services  Request  interface 
CAMachineList  —  Comma-separated  CA  machine  name  list 

1 .  For  a  single  machine,  use  a  terminating  comma 

2.  Displays  the  site  cost  for  each  CA  machine 

[-config  Machine\CAName] 

Return  to  Menu 

-CAInfo 

CertUtil  [Options]  -CAInfo  [InfoName  [Index  |  ErrorCode]] 

Display  CA  Information 

InfoName  —  indicates  the  CA  property  to  display  (see  below).  Use  "*"  for  all  properties. 

Index  —  optional  zero-based  property  index 

ErrorCode  —  numeric  error  code 

[-f]  [-split]  [-config  Machine\CAName] 

InfoName  argument  syntax: 


•  file:  File  version 


•  product:  Product  version 

•  exitcount:  Exit  module  count 

•  exit  [Index]:  Exit  module  description 

•  policy:  Policy  module  description 

•  name:  CA  name 

•  sanitizedname:  Sanitized  CA  name 

•  dsname:  Sanitized  CA  short  name  (DS  name) 

•  sharedfolder:  Shared  folder 

•  errorl  ErrorCode:  Error  message  text 

•  error2  ErrorCode:  Error  message  text  and  error  code 

•  type:  CA  type 

•  info:  CA  info 

•  parent:  Parent  CA 

•  certcount:  CA  cert  count 

•  xchgcount:  CA  exchange  cert  count 

•  kracount:  KRA  cert  count 

•  kraused:  KRA  cert  used  count 

•  propidmax:  Maximum  CA  Propld 

•  certstate  [Index]:  CA  cert 

•  certversion  [Index]:  CA  cert  version 

•  certstatuscode  [Index]:  CA  cert  verify  status 

•  cristate  [Index]:  CRL 

•  krastate  [Index]:  KRA  cert 

•  crossstate+  [Index]:  Forward  cross  cert 

•  crossstate-  [Index]:  Backward  cross  cert 

•  cert  [Index]:  CA  cert 

•  certchain  [Index]:  CA  cert  chain 

•  certcrlchain  [Index]:  CA  cert  chain  with  CRLs 

•  xchg  [Index]:  CA  exchange  cert 

•  xchgchain  [Index]:  CA  exchange  cert  chain 

•  xchgcrlchain  [Index]:  CA  exchange  cert  chain  with  CRLs 

•  kra  [Index]:  KRA  cert 

•  cross+  [Index]:  Forward  cross  cert 

•  cross-  [Index]:  Backward  cross  cert 

•  CRL  [Index]:  Base  CRL 

•  deltacrl  [Index]:  Delta  CRL 

•  crlstatus  [Index]:  CRL  Publish  Status 

•  deltacrlstatus  [Index]:  Delta  CRL  Publish  Status 

•  dns:  DNS  Name 

•  role:  Role  Separation 

•  ads:  Advanced  Server 

•  templates:  Templates 

•  ocsp  [Index]:  OCSP  URLs 

•  aia  [Index]:  AIA  URLs 

•  cdp  [Index]:  CDP  URLs 

•  localename:  CA  locale  name 


•  subjecttemplateoids:  Subject  Template  OIDs 
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-ca.cert 

CertUtil  [Options]  -ca.cert  OutCACertFile  [Index] 

Retrieve  the  CA's  certificate 
OutCACertFile:  output  file 

Index:  CA  certificate  renewal  index  (defaults  to  most  recent) 

[-f]  [-split]  [-config  Machine\CAName] 

Return  to  Menu 

-ca.chain 

CertUtil  [Options]  -ca.chain  OutCACertChainFile  [Index] 
Retrieve  the  CA's  certificate  chain 
OutCACertChainFile:  output  file 

Index:  CA  certificate  renewal  index  (defaults  to  most  recent) 

[-f]  [-split]  [-config  Machine\CAName] 

Return  to  Menu 

-GetCRL 

CertUtil  [Options]  -GetCRL  OutFile  [Index]  [delta] 

GetCRL 

Index:  CRL  index  or  key  index  (defaults  to  CRL  for  newest  key) 
delta:  delta  CRL  (default  is  base  CRL) 

[-f]  [-split]  [-config  Machine\CAName] 

Return  to  Menu 

-CRL 

CertUtil  [Options]  -CRL  [dd:hh  |  republish]  [delta] 

Publish  new  CRLs  [or  delta  CRLs  only] 

dd:hh  —  new  CRL  validity  period  in  days  and  hours 

republish  —  republish  most  recent  CRLs 

delta  —  delta  CRLs  only  (default  is  base  and  delta  CRLs) 

[-split]  [-config  Machine\CAName] 


Return  to  Menu 


-shutdown 

CertUtil  [Options]  -shutdown 

Shutdown  Active  Directory  Certificate  Services 

[-config  Machine\CAName] 

Return  to  Menu 

-installCert 

CertUtil  [Options]  -installCert  [CACertFile] 

Install  Certification  Authority  certificate 
[-f]  [-silent]  [-config  Machine\CAName] 

Return  to  Menu 

-renewCert 

CertUtil  [Options]  -renewCert  [ReuseKeys]  [Machine\ParentCAName] 

Renew  Certification  Authority  certificate 

Use  -f  to  ignore  an  outstanding  renewal  request,  and  generate  a  new  request 
[-f]  [-silent]  [-config  Machine\CAName] 

Return  to  Menu 

-schema 

CertUtil  [Options]  -schema  [Ext  |  Attrib  |  CRL] 

Dump  Certificate  Schema 

Defaults  to  Request  and  Certificate  table 

Ext:  Extension  table 

Attrib:  Attribute  table 

CRL:  CRL  table 

[-split]  [-config  Machine\CAName] 

Return  to  Menu 

-view 

CertUtil  [Options]  -view  [Queue  |  Log  |  LogFail  |  Revoked  |  Ext  |  Attrib  |  CRL]  [csv] 
Dump  Certificate  View 
Queue:  Request  queue 

Log:  Issued  or  revoked  certificates,  plus  failed  requests 
LogFail:  Failed  requests 


Revoked:  Revoked  certificates 


Ext  Extension  table 


Attrib:  Attribute  table 
CRLCRL  table 

csv:  Output  as  Comma  Separated  Values 

To  display  the  StatusCode  column  for  all  entries:  -out  StatusCode 
To  display  all  columns  for  the  last  entry:  -restrict  "Requestld=  =  $" 

To  display  Requestld  and  Disposition  for  three  requests:  -restrict  "Requestld>  =37,Requestld<40"  -out 
"Requestl  disposition" 

To  display  Row  Ids  and  CRL  Numbers  for  all  Base  CRLs:  -restrict  "CRLMinBase=0"  -out  "CRLRowld,CRLNumber" 
CRL 

To  display  Base  CRL  Number  3:  -v  -restrict  "CRLMinBase=0,CRLNumber  =  3"  -out  "CRLRawCRL"  CRL 

To  display  the  entire  CRL  table:  CRL 

Use  "Date[+|-dd:hh]"  for  date  restrictions 

Use  "now  +  dd:hh"  for  a  date  relative  to  the  current  time 

[-silent]  [-split]  [-config  Machine\CAName]  [-restrict  Restriction  List]  [-out  ColumnList] 

Return  to  Menu 

-db 

CertUtil  [Options]  -db 
Dump  Raw  Database 

[-config  Machine\CAName]  [-restrict  Restriction  List]  [-out  ColumnList] 

Return  to  Menu 

-deleterow 

CertUtil  [Options]  -deleterow  Rowld  |  Date  [Request  |  Cert  |  Ext  |  Attrib  |  CRL] 

Delete  server  database  row 

Request:  Failed  and  pending  requests  (submission  date) 

Cert:  Expired  and  revoked  certificates  (expiration  date) 

Ext:  Extension  table 

Attrib:  Attribute  table 

CRL:  CRL  table  (expiration  date) 

To  delete  failed  and  pending  requests  submitted  by  January  22,  2001 : 1/22/2001  Request 
To  delete  all  certificates  that  expired  by  January  22,  2001 : 1/22/2001  Cert 
To  delete  the  certificate  row,  attributes  and  extensions  for  Requestld  37:  37 
To  delete  CRLs  that  expired  by  January  22,  2001 : 1/22/2001  CRL 


[-f]  [-config  Machine\CAName] 

Return  to  Menu 

-backup 

CertUtil  [Options]  -backup  BackupDirectory  [Incremental]  [KeepLog] 
Backup  Active  Directory  Certificate  Services 
BackupDirectory:  directory  to  store  backed  up  data 
Incremental:  perform  incremental  backup  only  (default  is  full  backup) 
KeepLog:  preserve  database  log  files  (default  is  to  truncate  log  files) 

[-f]  [-config  Machine\CAName]  [-p  Password] 

Return  to  Menu 

-backupDB 

CertUtil  [Options]  -backupDB  BackupDirectory  [Incremental]  [KeepLog] 
Backup  Active  Directory  Certificate  Services  database 
BackupDirectory:  directory  to  store  backed  up  database  files 
Incremental:  perform  incremental  backup  only  (default  is  full  backup) 
KeepLog:  preserve  database  log  files  (default  is  to  truncate  log  files) 

[-f]  [-config  Machine\CAName] 

Return  to  Menu 

-backupKey 

CertUtil  [Options]  -backupKey  BackupDirectory 

Backup  Active  Directory  Certificate  Services  certificate  and  private  key 

BackupDirectory:  directory  to  store  backed  up  PFX  file 

[-f]  [-config  Machine\CAName]  [-p  Password]  [-t  Timeout] 

Return  to  Menu 

-restore 

CertUtil  [Options]  -restore  BackupDirectory 
Restore  Active  Directory  Certificate  Services 
BackupDirectory:  directory  containing  data  to  be  restored 
[-f]  [-config  Machine\CAName]  [-p  Password] 

Return  to  Menu 


-restore  DB 


CertUtil  [Options]  -restoreDB  BackupDirectory 
Restore  Active  Directory  Certificate  Services  database 
BackupDirectory:  directory  containing  database  files  to  be  restored 
[-f]  [-config  Machine\CAName] 

Return  to  Menu 

-restore  Key 

CertUtil  [Options]  -restoreKey  BackupDirectory  |  PFXFile 

Restore  Active  Directory  Certificate  Services  certificate  and  private  key 

BackupDirectory:  directory  containing  PFX  file  to  be  restored 

PFXFile:  PFX  file  to  be  restored 

[-f]  [-config  Machine\CAName]  [-p  Password] 

Return  to  Menu 

-importPFX 

CertUtil  [Options]  -importPFX  [CertificateStoreName]  PFXFile  [Modifiers] 
Import  certificate  and  private  key 

CertificateStoreName:  Certificate  store  name.  See  -store. 

PFXFile:  PFX  file  to  be  imported 

Modifiers:  Comma  separated  list  of  one  or  more  of  the  following: 

1.  AT_SIGNATURE:  Change  the  KeySpecto  Signature 

2.  AT_KEYEXCHANGE:  Change  the  KeySpec  to  Key  Exchange 

3.  NoExport:  Make  the  private  key  non-exportable 

4.  NoCert:  Do  not  import  the  certificate 

5.  NoChain:  Do  not  import  the  certificate  chain 

6.  NoRoot:  Do  not  import  the  root  certificate 

7.  Protect:  Protect  keys  with  password 

8.  NoProtect:  Do  not  password  protect  keys 

Defaults  to  personal  machine  store. 

[-f]  [-user]  [-p  Password]  [-csp  Provider] 

Return  to  Menu 

-dynamicfilelist 

CertUtil  [Options]  -dynamicfilelist 
Display  dynamic  file  List 
[-config  Machine\CAName] 


Return  to  Menu 


-databaselocations 

CertUtil  [Options]  -databaselocations 
Display  database  locations 
[-config  Machine\CAName] 

Return  to  Menu 

-hashfile 

CertUtil  [Options]  -hashfile  InFile  [HashAlgorithm] 

Generate  and  display  cryptographic  hash  over  a  file 
Return  to  Menu 

-store 

CertUtil  [Options]  -store  [CertificateStoreName  [Certld  [OutputF i le]]] 

Dump  certificate  store 

CertificateStoreName:  Certificate  store  name.  Examples: 

•  "My",  "CA"  (default),  "Root", 

•  "ldap:///CN  =  Certification  Authorities, CN  =  Public  Key 

S  er  vices, CN  =Services,CN  =  Configuration,DC=cpandl,DC  =  com?cACertificate?one? 
objectClass  =  certificationAuthority"  (View  Root  Certificates) 

•  "ldap:///CN  =  CAName,CN=Certification  Authorities, CN  =  Public  Key 
Services,CN  =  Services,CN  =  C  onfigu  ration,  DC  =  cpandl,DC  =  com  ?cACertificate?base? 
objectClass  =  certificationAuthority"  (Modify  Root  Certificates) 

•  "ldap:///CN  =  CAName,CN  =  MachineName,CN=CDRCN  =  Public  Key 

S  er  vices, CN  =Services,CN  =  Configuration,DC=cpandl,DC  =  com?certificateRevocationList?base? 
objectClass  =  cRLDistributionPoint"  (View  CRLs) 

•  "ldap:///CN  =  NTAuthCertificates,CN  =  Public  Key 

Services,CN  =  Services,CN  =  C  onfigu  ration,  DC  =  cpandl,DC  =  com  ?cACertificate?base? 
objectClass  =  certificationAuthority"  (Enterprise  CA  Certificates) 

•  Idap:  (AD  computer  object  certificates) 

•  -user  Idap:  (AD  user  object  certificates) 

Certld:  Certificate  or  CRL  match  token.  This  can  be  a  serial  number,  an  SHA-1  certificate,  CRL,  CTL  or  public  key 
hash,  a  numeric  cert  index  (0, 1,  and  so  on),  a  numeric  CRL  index  (.0,  .1,  and  so  on),  a  numeric  CTL  index  (..0,  ..1,  and 
so  on),  a  public  key,  signature  or  extension  Objectld,  a  certificate  subject  Common  Name,  an  e-mail  address,  UPN 
or  DNS  name,  a  key  container  name  or  CSP  name,  a  template  name  or  Objectld,  an  EKU  or  Application  Policies 
Objectld,  or  a  CRL  issuer  Common  Name.  Many  of  these  may  result  in  multiple  matches. 

OutputFile:  file  to  save  matching  cert 

Use  -user  to  access  a  user  store  instead  of  a  machine  store. 

Use  -enterprise  to  access  a  machine  enterprise  store. 

Use  -service  to  access  a  machine  service  store. 


Use  -grouppolicy  to  access  a  machine  group  policy  store. 


Examples: 


•  -enterprise  NTAuth 

•  -enterprise  Root  37 

•  -user  My  26e0aaaf000000000004 

•  CA.11 

[-f]  [-enterprise]  [-user]  [-GroupPolicy]  [-silent]  [-split]  [-dc  DCName] 

Return  to  Menu 

-addstore 

CertUtil  [Options]  -addstore  CertificateStoreName  InFile 
Add  certificate  to  store 

CertificateStoreName:  Certificate  store  name.  See  -store. 

InFile:  Certificate  or  CRL  file  to  add  to  store. 

[-f]  [-enterprise]  [-user]  [-GroupPolicy]  [-dc  DCName] 

Return  to  Menu 

-delstore 

CertUtil  [Options]  -delstore  CertificateStoreName  Certld 
Delete  certificate  from  store 

CertificateStoreName:  Certificate  store  name.  See  -store. 

Certld:  Certificate  or  CRL  match  token.  See  -store. 

[-enterprise]  [-user]  [-GroupPolicy]  [-dc  DCName] 

Return  to  Menu 

-verifystore 

CertUtil  [Options]  -verifystore  CertificateStoreName  [Certld] 

Verify  certificate  in  store 

CertificateStoreName:  Certificate  store  name.  See  -store. 

Certld:  Certificate  or  CRL  match  token.  See  -store. 

[-enterprise]  [-user]  [-GroupPolicy]  [-silent]  [-split]  [-dc  DCName]  [-t  Timeout] 

Return  to  Menu 

-repairstore 

CertUtil  [Options]  -repairstore  CertificateStoreName  CertldList  [P roperty I nf F ile  |  SDDLSecurityDescriptor] 
Repair  key  association  or  update  certificate  properties  or  key  security  descriptor 


CertificateStoreName:  Certificate  store  name.  See  -store. 


CertldList:  comma  separated  list  of  Certificate  or  CRL  match  tokens.  See  -store  Certld  description. 
PropertylnfFile  —  INF  file  containing  external  properties: 


[Properties] 

19  =  Empty  ;  Add  archived  property,  OR: 

19  =  ;  Remove  archived  property 

11  =  "{text}Friendly  Name"  ;  Add  friendly  name  property 

127  =  "{hex}"  ;  Add  custom  hexadecimal  property 

_continue_  =  "00  01  02  03  04  05  06  07  08  09  0a  0b  0c  0d  0e  0f" 
_continue_  =  "10  11  12  13  14  15  16  17  18  19  la  lb  lc  Id  le  If" 

2  =  "{text}"  ;  Add  Key  Provider  Information  property 
_continue_  =  "Container=Container  Name&" 

_continue_  =  "Provider=Microsoft  Strong  Cryptographic  Providers" 
_continue_  =  "ProviderType=l&" 

_continue_  =  "Flags=0&" 

_continue_  =  "KeySpec=2" 

9  =  "{text}"  ;  Add  Enhanced  Key  Usage  property 
_continue_  =  "1.3. 6. 1.5. 5. 7. 3. 2, " 

_continue_  =  "1.3. 6. 1.5. 5. 7. 3.1," 


[-f]  [-enterprise]  [-user]  [-GroupPolicy]  [-silent]  [-split]  [-csp  Provider] 

Return  to  Menu 

-viewstore 

CertUtil  [Options]  -viewdelstore  [CertificateStoreName  [Certld  [OutputFile]]] 

Dump  certificate  store 

CertificateStoreName:  Certificate  store  name.  Examples: 

•  "My",  "CA"  (default),  "Root", 

•  "ldap:///CN  =  Certification  Authorities, CN  =  Public  Key 

S  er  vices, CN  =  Services,CN  =  C  onfigu  ration,  DC  =cpandl,DC  =  com  ?cACertificate?one? 
objectClass  =  certificationAuthority"  (View  Root  Certificates) 

•  "ldap:///CN  =  CAName,CN=Certification  Authorities, CN  =  Public  Key 
Services,CN  =  Services,CN  =  C  onfigu  ration,  DC  =cpandl,DC  =  com  ?cACertificate?base? 
objectClass  =  certificationAuthority"  (Modify  Root  Certificates) 

•  "ldap:///CN  =  CAName,CN  =  MachineName,CN=CDP,CN  =  Public  Key 

S  er  vices, CN  =Services,CN  =  Configuration,DC=cpandl,DC  =  com?certificateRevocationList?base? 
objectClass  =  cRLDistributionPoint"  (View  CRLs) 

•  "ldap:///CN  =  NTAuthCertificates,CN  =  Public  Key 

Services,CN  =  Services,CN  =  C  onfigu  ration,  DC  =  cpandl,DC  =  com  ?cACertificate?base? 
objectClass  =  certificationAuthority"  (Enterprise  CA  Certificates) 

•  Idap:  (AD  machine  object  certificates) 

•  -user  Idap:  (AD  user  object  certificates) 

Certld:  Certificate  or  CRL  match  token.  This  can  be  a  serial  number,  an  SHA-1  certificate,  CRL,  CTL  or  public  key 
hash,  a  numeric  cert  index  (0, 1,  and  so  on),  a  numeric  CRL  index  (.0,  .1,  and  so  on),  a  numeric  CTL  index  (..0,  ..1,  and 
so  on),  a  public  key,  signature  or  extension  Objectld,  a  certificate  subject  Common  Name,  an  e-mail  address,  UPN 
or  DNS  name,  a  key  container  name  or  CSP  name,  a  template  name  or  Objectld,  an  EKU  or  Application  Policies 
Objectld,  or  a  CRL  issuer  Common  Name.  Many  of  these  may  result  in  multiple  matches. 


OutputFile:  file  to  save  matching  cert 

Use  -user  to  access  a  user  store  instead  of  a  machine  store. 

Use  -enterprise  to  access  a  machine  enterprise  store. 

Use  -service  to  access  a  machine  service  store. 

Use  -grouppolicy  to  access  a  machine  group  policy  store. 

Examples: 

1.  -enterprise  NTAuth 

2.  -enterprise  Root  37 

3.  -user  My  26e0aaaf000000000004 

4.  CA.11 

[-f]  [-enterprise]  [-user]  [-GroupPolicy]  [-dc  DCName] 

Return  to  Menu 

-viewd  el  store 

CertUtil  [Options]  -viewdelstore  [CertificateStoreName  [Certld  [OutputFile]]] 

Delete  certificate  from  store 

CertificateStoreName:  Certificate  store  name.  Examples: 

•  "My",  "CA"  (default),  "Root", 

•  "ldap:///CN  =  Certification  Authorities, CN  =  Public  Key 

Services,CN  =  Services,CN  =  C  onfigu  ration,  DC  =  cpandl,DC  =  com  ?cACertificate?one? 
objectClass  =  certificationAuthority"  (View  Root  Certificates) 

•  "ldap:///CN  =  CAName,CN=Certification  Authorities, CN  =  Public  Key 

S  er  vices, CN  =Services,CN  =  Configuration,DC=cpandl,DC  =  com?cACertificate?base? 
objectClass  =  certificationAuthority"  (Modify  Root  Certificates) 

•  "ldap:///CN  =  CAName,CN  =  MachineName,CN=CDP,CN  =  Public  Key 

Services,CN  =  Services,CN  =  C  onfigu  ration,  DC  =  cpandl,DC  =  com?certificateRevocationList?base? 
objectClass  =  cRLDistributionPoint"  (View  CRLs) 

•  "ldap:///CN  =  NTAuthCertificates,CN  =  Public  Key 

S  er  vices, CN  =Services,CN  =  Configuration,DC=cpandl,DC  =  com?cACertificate?base? 
objectClass  =  certificationAuthority"  (Enterprise  CA  Certificates) 

•  Idap:  (AD  machine  object  certificates) 

•  -user  Idap:  (AD  user  object  certificates) 

Certld:  Certificate  or  CRL  match  token.  This  can  be  a  serial  number,  an  SHA-1  certificate,  CRL,  CTL  or  public  key 
hash,  a  numeric  cert  index  (0, 1,  and  so  on),  a  numeric  CRL  index  (.0,  .1,  and  so  on),  a  numeric  CTL  index  (..0,  „1,  and 
so  on),  a  public  key,  signature  or  extension  Objectld,  a  certificate  subject  Common  Name,  an  e-mail  address,  UPN 
or  DNS  name,  a  key  container  name  or  CSP  name,  a  template  name  or  Objectld,  an  EKU  or  Application  Policies 
Objectld,  or  a  CRL  issuer  Common  Name.  Many  of  these  may  result  in  multiple  matches. 

OutputFile:  file  to  save  matching  cert 

Use  -user  to  access  a  user  store  instead  of  a  machine  store. 

Use  -enterprise  to  access  a  machine  enterprise  store. 


Use  -service  to  access  a  machine  service  store. 


Use  -grouppolicy  to  access  a  machine  group  policy  store. 

Examples: 

1.  -enterprise  NTAuth 

2.  -enterprise  Root  37 

3.  -user  My  26e0aaaf000000000004 

4.  CA.11 

[-f]  [-enterprise]  [-user]  [-GroupPolicy]  [-dc  DCName] 

Return  to  Menu 

-dsPublish 

CertUtil  [Options]  -dsPublish  CertFile  [NTAuthCA  |  RootCA  |  SubCA  |  CrossCA  |  KRA  |  User  |  Machine] 
CertUtil  [Options]  -dsPublish  C R L File  [DSCDPContainer  [DSCDPCN]] 

Publish  certificate  or  CRL  to  Active  Directory 
CertFile:  certificate  file  to  publish 
NTAuthCA:  Publish  cert  to  DS  Enterprise  store 
RootCA:  Publish  cert  to  DS  Trusted  Root  store 
SubCA:  Publish  CA  cert  to  DS  CA  object 
CrossCA:  Publish  cross  cert  to  DS  CA  object 
KRA:  Publish  cert  to  DS  Key  Recovery  Agent  object 
User:  Publish  cert  to  User  DS  object 
Machine:  Publish  cert  to  Machine  DS  object 
CRLFile:  CRL  file  to  publish 

DSCDPContainer:  DS  CDP  container  CN,  usually  the  CA  machine  name 

DSCDPCN:  DS  CDP  object  CN,  usually  based  on  the  sanitized  CA  short  name  and  key  index 

Use  -f  to  create  DS  object. 

[-f]  [-user]  [-dc  DCName] 

Return  to  Menu 

-ADTemplate 

CertUtil  [Options]  -ADTemplate  [Template] 

Display  AD  templates 

[-f]  [-user]  [-ut]  [-mt]  [-dc  DCName] 

-Template 

CertUtil  [Options]  -Template  [Template] 

Display  Enrollment  Policy  templates 


[-f]  [-user]  [-silent]  [-PolicyServer  URLOrld]  [-Anonymous]  [-Kerberos]  [-ClientCertificate  ClientCertld]  [- 
UserName  UserName]  [-p  Password] 

Return  to  Menu 

-TemplateCAs 

CertUtil  [Options]  -TemplateCAs  Template 
Display  CAs  for  template 
[-f]  [-user]  [-dc  DCName] 

Return  to  Menu 

-CATemplates 

CertUtil  [Options]  -CATemplates  [Template] 

Display  templates  for  CA 

[-f]  [-user]  [-ut]  [-mt]  [-config  Machine\CAName]  [-dc  DCName] 

Return  to  Menu 

-SetCASites 

CertUtil  [Options]  -SetCASites  [set]  [SiteName] 

CertUtil  [Options]  -SetCASites  verify  [SiteName] 

CertUtil  [Options]  -SetCASites  delete 
Set,  Verify  or  Delete  CA  site  names 

•  Use  the  -config  option  to  target  a  single  CA  (Default  is  all  CAs) 

•  SiteName  is  allowed  only  when  targeting  a  single  CA 

•  Use  -f  to  override  validation  errors  for  the  specified  SiteName 

•  Use -f  to  delete  all  CA  site  names 

[-f]  [-config  Machine\CAName]  [-dc  DCName] 

NOTE 

For  more  information  on  configuring  CAs  for  Active  Directory  Domain  Services  (AD  DS)  site  awareness,  see  AD  DS  Site 
Awareness  for  AD  CS  and  PKI  clients. 

Return  to  Menu 

-enrollmentServerllRL 

CertUtil  [Options]  -enrollmentServerURL  [URL  AuthenticationType  [Priority]  [Modifiers]] 

CertUtil  [Options]  -enrollmentServerURL  URL  delete 

Display,  add  or  delete  enrollment  server  URLs  associated  with  a  CA 

AuthenticationType:  Specify  one  of  the  following  client  authentication  methods  while  adding  a  URL 


1.  Kerberos:  Use  Kerberos  SSL  credentials 

2.  UserName:  Use  named  account  for  SSL  credentials 

3.  ClientCertificate:  Use  X.509  Certificate  SSL  credentials 

4.  Anonymous:  Use  anonymous  SSL  credentials 

delete:  deletes  the  specified  URL  associated  with  the  CA 
Priority:  defaults  to  '1 '  if  not  specified  when  adding  a  URL 
Modifiers  —  Comma  separated  list  of  one  or  more  of  the  following: 

1 .  AllowRenewalsOnly:  Only  renewal  requests  can  be  submitted  to  this  CA  via  this  URL 

2.  AllowKeyBasedRenewal:  Allows  use  of  a  certificate  that  has  no  associated  account  in  the  AD.  This  applies  only 
with  ClientCertificate  and  AllowRenewalsOnly  Mode 

[-config  Machine\CAName]  [-dc  DCName] 

Return  to  Menu 


-ADCA 

CertUtil  [Options]  -ADCA  [CAName] 

Display  AD  CAs 

[-f]  [-split]  [-dc  DCName] 

Return  to  Menu 

-CA 

CertUtil  [Options]  -CA  [CAName  [  TemplateName] 

Display  Enrollment  Policy  CAs 

[-f]  [-user]  [-silent]  [-split]  [-PolicyServer  URLOrld]  [-Anonymous]  [-Kerberos]  [-ClientCertificate  ClientCertld]  [- 
UserName  UserName]  [-p  Password] 

Return  to  Menu 

-Policy 

Display  Enrollment  Policy 

[-f]  [-user]  [-silent]  [-split]  [-PolicyServer  URLOrld]  [-Anonymous]  [-Kerberos]  [-ClientCertificate  ClientCertld]  [- 
UserName  UserName]  [-p  Password] 

Return  to  Menu 

-PolicyCache 

CertUtil  [Options]  -PolicyCache  [delete] 

Display  or  delete  Enrollment  Policy  Cache  entries 
delete:  delete  Policy  Server  cache  entries 
-f:  use  -f  to  delete  all  cache  entries 


[-f]  [-user]  [-PolicyServer  URLOrld] 


Return  to  Menu 


-CredStore 

CertUtil  [Options]  -CredStore  [URL] 

CertUtil  [Options]  -CredStore  URL  add 
CertUtil  [Options]  -CredStore  URL  delete 
Display,  add  or  delete  Credential  Store  entries 

URL:  target  URL.  Use  *  to  match  all  entries.  Use  https://machine*  to  match  a  URL  prefix. 

add:  add  a  Credential  Store  entry.  SSL  credentials  must  also  be  specified. 

delete:  delete  Credential  Store  entries 

-f:  use  -f  to  overwrite  an  entry  or  to  delete  multiple  entries. 

[-f]  [-user]  [-silent]  [-Anonymous]  [-Kerberos]  [-ClientCertificate  ClientCertld]  [-UserName  UserName]  [-p 
Password] 

Return  to  Menu 

-InstallDefauItTemplates 

CertUtil  [Options]  -InstallDefauItTemplates 
Install  default  certificate  templates 
[-dc  DCName] 

Return  to  Menu 

-URLCache 

CertUtil  [Options]  -URLCache  [URL  |  CRL  |  *  [delete]] 

Display  or  delete  URL  cache  entries 
URL:  cached  URL 

CRL:  operate  on  all  cached  CRL  URLs  only 
*:  operate  on  all  cached  URLs 

delete:  delete  relevant  URLs  from  the  current  user's  local  cache 
Use  -f  to  force  fetching  a  specific  URL  and  updating  the  cache. 

[-f]  [-split] 

Return  to  Menu 

-pulse 

CertUtil  [Options]  -pulse 
Pulse  autoenrollment  events 


[-user] 


Return  to  Menu 


-Machinelnfo 

CertUtil  [Options]  -Machinelnfo  DomainName\MachineName$ 

Display  Active  Directory  computer  object  information 
Return  to  Menu 

-DC  Info 

CertUtil  [Options]  -DCInfo  [Domain]  [Verify  |  DeleteBad  |  DeleteAll] 

Display  domain  controller  information 
Default  is  to  display  DC  certs  without  verification 
[-f]  [-user]  [-urlfetch]  [-dc  DCName]  [-t  Timeout] 

TIP 

The  ability  to  specify  an  Active  Directory  Domain  Services  (AD  DS)  domain  [Domain]  and  to  specify  a  domain  controller  (-dc) 
was  added  in  Windows  Server  2012.  To  successfully  run  the  command,  you  must  use  an  account  that  is  a  member  of 
Domain  Admins  or  Enterprise  Admins.  The  behavior  modifications  of  this  command  are  as  follows: 

>  1 .  If  a  domain  is  not  specified  and  a  specific  domain  controller  is  not  specified,  this  option  returns  a  list  of  domain 
controllers  to  process  from  the  default  domain  controller. 

>  2.  If  a  domain  is  not  specified,  but  a  domain  controller  is  specified,  a  report  of  the  certificates  on  the  specified  domain 
controller  is  generated. 

>  3.  If  a  domain  is  specified,  but  a  domain  controller  is  not  specified,  a  list  of  domain  controllers  is  generated  along  with 
reports  on  the  certificates  for  each  domain  controller  in  the  list. 

>  4.  If  the  domain  and  domain  controller  are  specified,  a  list  of  domain  controllers  is  generated  from  the  targeted  domain 
controller.  A  report  of  the  certificates  for  each  domain  controller  in  the  list  is  also  generated. 


For  example,  assume  there  is  a  domain  named  C PAN  DL  with  a  domain  controller  named  C PAN  DL-DC1 .  You  could 
run  the  following  command  to  a  retrieve  a  list  of  domain  controllers  and  their  certificates  that  from  CPANDL-DC1: 
certutil  -dc  cpandl-dcl  -dcinfo  cpandl 

Return  to  Menu 

-Entlnfo 

CertUtil  [Options]  -Entlnfo  DomainName\MachineName$ 

[-f]  [-user] 

Return  to  Menu 

-TCAInfo 

CertUtil  [Options]  -TCAInfo  [DomainDN  |  -] 

Display  CA  information 

[-f]  [-enterprise]  [-user]  [-urlfetch]  [-dc  DCName]  [-t  Timeout] 


Return  to  Menu 


-SC  Info 

CertUtil  [Options]  -SCInfo  [ReaderName  [CRYPT_DELETE KEYSET]] 

Display  smart  card  information 

CRYPT_DELETEKEYSET:  Delete  all  keys  on  the  smart  card 
[-silent]  [-split]  [-urlfetch]  [-t  Timeout] 

Return  to  Menu 

-SC  Roots 

CertUtil  [Options]  -SCRoots  update  [+] [I nputRootF ile]  [ReaderName] 

CertUtil  [Options]  -SCRoots  save  @OutputRootFile  [ReaderName] 

CertUtil  [Options]  -SCRoots  view  [InputRootFile  |  ReaderName] 

CertUtil  [Options]  -SCRoots  delete  [ReaderName] 

Manage  smart  card  root  certificates 
[-f]  [-split]  [-p  Password] 

Return  to  Menu 

-verifykeys 

CertUtil  [Options]  -verifykeys  [KeyContainerName  CACertFile] 

Verify  public/private  key  set 

KeyContainerName:  key  container  name  of  the  key  to  verify.  Defaults  to  machine  keys.  Use  -user  for  user  keys. 
CACertFile:  signing  or  encryption  certificate  file 

If  no  arguments  are  specified,  each  signing  CA  cert  is  verified  against  its  private  key. 

This  operation  can  only  be  performed  against  a  local  CA  or  local  keys. 

[-f]  [-user]  [-silent]  [-config  Machine\CAName] 

Return  to  Menu 

-verify 

CertUtil  [Options]  -verify  CertFile  [Appl ication Policy L ist  |  -  [IssuancePolicyList]] 

CertUtil  [Options]  -verify  CertFile  [CACertFile  [CrossedCACertFile]] 

CertUtil  [Options]  -verify  CRLFile  CACertFile  [IssuedCertFile] 

CertUtil  [Options]  -verify  CRLFile  CACertFile  [DeltaC R L F ile] 

Verify  certificate,  CRL  or  chain 
CertFile:  Certificate  to  verify 

Appl  ication  Pol  icy  L  ist:  optional  comma  separated  list  of  required  Application  Policy  Objectlds 
IssuancePolicyList:  optional  comma  separated  list  of  required  Issuance  Policy  Objectlds 


C ACertFile:  optional  issuing  CA  certificate  to  verify  against 
CrossedCACertFile:  optional  certificate  cross-certified  by  CertFile 
CRLFile:  CRL  to  verify 

IssuedCertFile:  optional  issued  certificate  covered  by  CRLFile 
DeltaC R L F ile:  optional  delta  CRL 

If  Appl ication Policy L ist  is  specified,  chain  building  is  restricted  to  chains  valid  for  the  specified  Application  Policies. 
If  IssuancePolicyList  is  specified,  chain  building  is  restricted  to  chains  valid  for  the  specified  Issuance  Policies. 

If  CACertFile  is  specified,  fields  in  CACertFile  are  verified  against  CertFile  or  CRLFile. 

If  CACertFile  is  not  specified,  CertFile  is  used  to  build  and  verify  a  full  chain. 

If  CACertFile  and  CrossedCACertFile  are  both  specified,  fields  in  CACertFile  and  CrossedCACertFile  are  verified 
against  CertFile. 

If  IssuedCertFile  is  specified,  fields  in  IssuedCertFile  are  verified  against  CRLFile. 

If  DeltaCRLFile  is  specified,  fields  in  DeltaCRLFile  are  verified  against  CRLFile. 

[-f]  [-enterprise]  [-user]  [-silent]  [-split]  [-urlfetch]  [-t  Timeout] 

Return  to  Menu 

-verifyCTL 

CertUtil  [Options]  -verifyCTL  CTLObject  [CertDir]  [CertFile] 

Verify  AuthRoot  or  Disallowed  Certificates  CTL 
CTLObject:  Identifies  the  CTL  to  verify: 

•  AuthRootWU:  read  AuthRoot  CAB  and  matching  certificates  from  the  URL  cache.  Use  -f  to  download  from 
Windows  Update  instead. 

•  DisallowedWU:  read  Disallowed  Certificates  CAB  and  disallowed  certificate  store  file  from  the  URL  cache.  Use  - 
f  to  download  from  Windows  Update  instead. 

•  AuthRoot:  read  registry  cached  AuthRoot  CTL.  Use  with  -f  and  a  CertFile  that  is  not  already  trusted  to  force 
updating  the  registry  cached  AuthRoot  and  Disallowed  Certificate  CTLs. 

•  Disallowed:  read  registry  cached  Disallowed  Certificates  CTL.  -f  has  the  same  behavior  as  with  AuthRoot. 

•  CTLFileName:  file  or  http:  path  to  CTL  or  CAB 

CertDir:  folder  containing  certificates  matching  CTL  entries.  An  http:  folder  path  must  end  with  a  path  separator.  If 
a  folder  is  not  specified  with  AuthRoot  or  Disallowed,  multiple  locations  will  be  searched  for  matching  certificates: 
local  certificate  stores,  crypt32.dll  resources  and  the  local  URL  cache.  Use  -f  to  download  from  Windows  Update 
when  necessary.  Otherwise  defaults  to  the  same  folder  or  web  site  as  the  CTLObject. 

CertFile:  file  containing  certificate(s)  to  verify.  Certificates  will  be  matched  against  CTL  entries,  and  match  results 
displayed.  Suppresses  most  of  the  default  output. 

[-f]  [-user]  [-split] 

Return  to  Menu 

-sign 

CertUtil  [Options]  -sign  I n F ileList| S erial N um ber|C R L  OutFileList  [StartDate+dd:hh]  [+SerialNumberList  |  - 


SerialNumberList  |  -ObjectldList  |  @ExtensionFile] 

CertUtil  [Options]  -sign  I n F ileList| S erial N um ber|C R L  OutFileList  [#HashAlgorithm] 
[+AlternateSignatureAlgorithm  |  -Alternates ignatureAlgorithm] 

Re-sign  CRL  or  certificate 

InFileList:  comma  separated  list  of  Certificate  or  CRL  files  to  modify  and  re-sign 

SerialNumber:  Serial  number  of  certificate  to  create.  Validity  period  and  other  options  must  not  be  present. 

CRL:  Create  an  empty  CRL.  Validity  period  and  other  options  must  not  be  present. 

OutFileList:  comma  separated  list  of  modified  Certificate  or  CRL  output  files.  The  number  of  files  must  match 
InFileList. 

StartDate+dd:hh:  new  validity  period:  optional  date  plus;  optional  days  and  hours  validity  period;  If  both  are 
specified,  use  a  plus  sign  (+)  separator.  Use  "now[+dd:hh]"  to  start  at  the  current  time.  Use  "never"  to  have  no 
expiration  date  (for  CRLs  only). 

SerialNumberList:  comma  separated  serial  number  list  to  add  or  remove 
ObjectldList:  comma  separated  extension  Objectld  list  to  remove 
@ExtensionFile:  INF  file  containing  extensions  to  update  or  remove: 

[Extensions] 

2.5.29.31  =  ;  Remove  CRL  Distribution  Points  extension 
2.5.29.15  =  "{hex}"  ;  Update  Key  Usage  extension 
_continue_="03  02  01  86" 

HashAlgorithm:  Name  of  the  hash  algorithm  preceded  by  a  #  sign 
AlternateSignatureAlgorithm:  alternate  Signature  algorithm  specifier 

A  minus  sign  causes  serial  numbers  and  extensions  to  be  removed.  A  plus  sign  causes  serial  numbers  to  be  added 
to  a  CRL.  When  removing  items  from  a  CRL,  the  list  may  contain  both  serial  numbers  and  Objectlds.  A  minus  sign 
before  AlternateSignatureAlgorithm  causes  the  legacy  signature  format  to  be  used.  A  plus  sign  before 
AlternateSignatureAlgorithm  causes  the  alternature  signature  format  to  be  used.  If  AlternateSignatureAlgorithm  is 
not  specified  then  the  signature  format  in  the  certificate  or  CRL  is  used. 

[-nullsign]  [-f]  [-silent]  [-Cert  Certld] 

Return  to  Menu 

-vroot 

CertUtil  [Options]  -vroot  [delete] 

Create/delete  web  virtual  roots  and  file  shares 
Return  to  Menu 

-vocsproot 

CertUtil  [Options]  -vocsproot  [delete] 

Create/delete  web  virtual  roots  for  OCSP  web  proxy 


Return  to  Menu 


-addEnrollmentServer 


CertUtil  [Options]  -addEnrollmentServer  Kerberos  |  UserName  |  ClientCertificate  [AllowRenewalsOnly] 

[Allow  Key  Based  Renewal] 

Add  an  Enrollment  Server  application 

Add  an  Enrollment  Server  application  and  application  pool  if  necessary,  for  the  specified  CA.  This  command  does 
not  install  binaries  or  packages.  One  of  the  following  authentication  methods  with  which  the  client  connects  to  a 
Certificate  Enrollment  Server. 

•  Kerberos:  Use  Kerberos  SSL  credentials 

•  UserName:  Use  named  account  for  SSL  credentials 

•  ClientCertificate:  Use  X.509  Certificate  SSL  credentials 

•  AllowRenewalsOnly:  Only  renewal  requests  can  be  submitted  to  this  CA  via  this  URL 

•  AllowKeyBasedRenewal  —  Allows  use  of  a  certificate  that  has  no  associated  account  in  the  AD.  This  applies  only 
with  ClientCertificate  and  AllowRenewalsOnly  mode. 

[-config  Machine\CAName] 

Return  to  Menu 

-deleteEnrollmentServer 

CertUtil  [Options]  -deleteEnrollmentServer  Kerberos  |  UserName  |  ClientCertificate 
Delete  an  Enrollment  Server  application 

Delete  an  Enrollment  Server  application  and  application  pool  if  necessary,  for  the  specified  CA.  This  command 
does  not  remove  binaries  or  packages.  One  of  the  following  authentication  methods  with  which  the  client  connects 
to  a  Certificate  Enrollment  Server. 

1.  Kerberos:  Use  Kerberos  SSL  credentials 

2.  UserName:  Use  named  account  for  SSL  credentials 

3.  ClientCertificate:  Use  X.509  Certificate  SSL  credentials 

[-config  Machine\CAName] 

Return  to  Menu 

-addPolicyServer 

CertUtil  [Options]  -addPolicyServer  Kerberos  |  UserName  |  ClientCertificate  [KeyBasedRenewal] 

Add  a  Policy  Server  application 

Add  a  Policy  Server  application  and  application  pool  if  necessary.  This  command  does  not  install  binaries  or 
packages.  One  of  the  following  authentication  methods  with  which  the  client  connects  to  a  Certificate  Policy 
Server: 

•  Kerberos:  Use  Kerberos  SSL  credentials 

•  UserName:  Use  named  account  for  SSL  credentials 

•  ClientCertificate:  Use  X.509  Certificate  SSL  credentials 

•  KeyBasedRenewal:  Only  policies  that  contain  KeyBasedRenewal  templates  are  returned  to  the  client.  This  flag 
applies  only  for  UserName  and  ClientCertificate  authentication. 


Return  to  Menu 


-deletePolicyServer 

CertUtil  [Options]  -deletePolicyServer  Kerberos  |  UserName  |  ClientCertificate  [KeyBasedRenewal] 

Delete  a  Policy  Server  application 

Delete  a  Policy  Server  application  and  application  pool  if  necessary.  This  command  does  not  remove  binaries  or 
packages.  One  of  the  following  authentication  methods  with  which  the  client  connects  to  a  Certificate  Policy 
Server: 

1.  Kerberos:  Use  Kerberos  SSL  credentials 

2.  UserName:  Use  named  account  for  SSL  credentials 

3.  ClientCertificate:  Use  X.509  Certificate  SSL  credentials 

4.  KeyBasedRenewal:  KeyBasedRenewal  policy  server 

Return  to  Menu 


-oid 

CertUtil  [Options]  -oid  Objectld  [DisplayName  |  delete  [Languageld  [Type]]] 

CertUtil  [Options]  -oid  Groupld 

CertUtil  [Options]  -oid  Algid  |  AlgorithmName  [Groupld] 

Display  Objectld  or  set  display  name 

•  Objectld  —  Objectld  to  display  or  to  add  display  name 

•  Groupld  —  decimal  Groupld  number  for  Objectlds  to  enumerate 

•  Algid  —  hexadecimal  Algid  for  Objectld  to  look  up 

•  AlgorithmName  —  Algorithm  Name  for  Objectld  to  look  up 

•  DisplayName  —  Display  Name  to  store  in  DS 

•  delete  —  delete  display  name 

•  Languageld  —  Language  Id  (defaults  to  current:  1033) 

•  Type  —  DS  object  type  to  create:  1  for  Template  (default),  2  for  Issuance  Policy,  3  for  Application  Policy 

•  Use  -f  to  create  DS  object. 

[-f] 

Return  to  Menu 

-error 

CertUtil  [Options]  -error  ErrorCode 
Display  error  code  message  text 
Return  to  Menu 

-getreg 

CertUtil  [Options]  -getreg  [[ca|restore|policy|exit|template|enroll|chain|PolicyServers}[Progld]] 
[RegistryValueName] 

Display  registry  value 


ca:  Use  CA's  registry  key 


restore:  Use  CA's  restore  registry  key 
policy:  Use  policy  module's  registry  key 
exit:  Use  first  exit  module's  registry  key 

template:  Use  template  registry  key  (use  -user  for  user  templates) 

enroll:  Use  enrollment  registry  key  (use  -user  for  user  context) 

chain:  Use  chain  configuration  registry  key 

PolicyServers:  Use  Policy  Servers  registry  key 

Progld:  Use  policy  or  exit  module's  Progld  (registry  subkey  name) 

RegistryValueName:  registry  value  name  (use  "Name*"  to  prefix  match) 

Value:  new  numeric,  string  or  date  registry  value  or  filename.  If  a  numeric  value  starts  with  "  +  "  or the  bits 
specified  in  the  new  value  are  set  or  cleared  in  the  existing  registry  value. 

If  a  string  value  starts  with  "+"  or and  the  existing  value  is  a  REG_MULTI_SZ  value,  the  string  is  added  to  or 
removed  from  the  existing  registry  value.  To  force  creation  of  a  REG_MULTI_SZ  value,  add  a  "\n"  to  the  end  of  the 
string  value. 

If  the  value  starts  with  the  rest  of  the  value  is  the  name  of  the  file  containing  the  hexadecimal  text 
representation  of  a  binary  value.  If  it  does  not  refer  to  a  valid  file,  it  is  instead  parsed  as  [Date] [  + 1-] [dd:hh]  —  an 
optional  date  plus  or  minus  optional  days  and  hours.  If  both  are  specified,  use  a  plus  sign  (+)  or  minus  sign  (-) 
separator.  Use  "now  +  dd:hh"  for  a  date  relative  to  the  current  time. 

Use  "chain\ChainCacheResyncFiletime  @now"  to  effectively  flush  cached  CRLs. 

[-f]  [-user]  [-GroupPolicy]  [-config  Machine\CAName] 

Return  to  Menu 

-setreg 

CertUtil  [Options]  -setreg  [{ca|restore|policy|exit|template|enrol I |chain|PolicyServers}[Prog Id]] RegistryValueName 
Value 

Set  registry  value 

ca:  Use  CA's  registry  key 

restore:  Use  CA's  restore  registry  key 

policy:  Use  policy  module's  registry  key 

exit:  Use  first  exit  module's  registry  key 

template:  Use  template  registry  key  (use  -user  for  user  templates) 

enroll:  Use  enrollment  registry  key  (use  -user  for  user  context) 

chain:  Use  chain  configuration  registry  key 

PolicyServers:  Use  Policy  Servers  registry  key 

Progld:  Use  policy  or  exit  module's  Progld  (registry  subkey  name) 

RegistryValueName:  registry  value  name  (use  "Name*"  to  prefix  match) 

Value:  new  numeric,  string  or  date  registry  value  or  filename.  If  a  numeric  value  starts  with  "  +  "  or the  bits 


specified  in  the  new  value  are  set  or  cleared  in  the  existing  registry  value. 

If  a  string  value  starts  with  "+"  or and  the  existing  value  is  a  REG_MULTI_SZ  value,  the  string  is  added  to  or 
removed  from  the  existing  registry  value.  To  force  creation  of  a  REG_MULTI_SZ  value,  add  a  "\n"  to  the  end  of  the 
string  value. 

If  the  value  starts  with  the  rest  of  the  value  is  the  name  of  the  file  containing  the  hexadecimal  text 
representation  of  a  binary  value.  If  it  does  not  refer  to  a  valid  file,  it  is  instead  parsed  as  [Date] [  + 1-] [dd:hh]  —  an 
optional  date  plus  or  minus  optional  days  and  hours.  If  both  are  specified,  use  a  plus  sign  (+)  or  minus  sign  (-) 
separator.  Use  "now  +  dd:hh"  for  a  date  relative  to  the  current  time. 

Use  "chain\ChainCacheResyncFiletime  @now"  to  effectively  flush  cached  CRLs. 

[-f]  [-user]  [-GroupPolicy]  [-config  Machine\CAName] 

Return  to  Menu 

-delreg 

CertUtil  [Options]  -delreg  [{ca|  restore|  policy  |exit|template|enrol  I  |chain|  Pol  icy  Servers}  [Prog  Id]] 
[RegistryValueName] 

Delete  registry  value 

ca:  Use  CA's  registry  key 

restore:  Use  CA's  restore  registry  key 

policy:  Use  policy  module's  registry  key 

exit:  Use  first  exit  module's  registry  key 

template:  Use  template  registry  key  (use  -user  for  user  templates) 

enroll:  Use  enrollment  registry  key  (use  -user  for  user  context) 

chain:  Use  chain  configuration  registry  key 

PolicyServers:  Use  Policy  Servers  registry  key 

Progld:  Use  policy  or  exit  module's  Progld  (registry  subkey  name) 

RegistryValueName:  registry  value  name  (use  "Name*"  to  prefix  match) 

Value:  new  numeric,  string  or  date  registry  value  or  filename.  If  a  numeric  value  starts  with  "  +  "  or the  bits 
specified  in  the  new  value  are  set  or  cleared  in  the  existing  registry  value. 

If  a  string  value  starts  with  "+"  or and  the  existing  value  is  a  REG_MULTI_SZ  value,  the  string  is  added  to  or 
removed  from  the  existing  registry  value.  To  force  creation  of  a  REG_MULTI_SZ  value,  add  a  "\n"  to  the  end  of  the 
string  value. 

If  the  value  starts  with  the  rest  of  the  value  is  the  name  of  the  file  containing  the  hexadecimal  text 
representation  of  a  binary  value.  If  it  does  not  refer  to  a  valid  file,  it  is  instead  parsed  as  [Date] [  + 1-] [dd:hh]  —  an 
optional  date  plus  or  minus  optional  days  and  hours.  If  both  are  specified,  use  a  plus  sign  (+)  or  minus  sign  (-) 
separator.  Use  "now  +  dd:hh"  for  a  date  relative  to  the  current  time. 

Use  "chain\ChainCacheResyncFiletime  @now"  to  effectively  flush  cached  CRLs. 

[-f]  [-user]  [-GroupPolicy]  [-config  Machine\CAName] 


Return  to  Menu 


-ImportKMS 

CertUtil  [Options]  -ImportKMS  UserKeyAndCertFile  [Certld] 

Import  user  keys  and  certificates  into  server  database  for  key  archival 

UserKeyAndCertFile  —  Data  file  containing  user  private  keys  and  certificates  to  be  archived.  This  can  be  any  of  the 
following: 

•  Exchange  Key  Management  Server  (KMS)  export  file 

•  PFX  file 

Certld:  KMS  export  file  decryption  certificate  match  token.  See  -store. 

Use  -f  to  import  certificates  not  issued  by  the  CA. 

[-f]  [-silent]  [-split]  [-config  Machine\CAName]  [-p  Password]  [-symkeyalg  SymmetricKeyAlgorithm[,KeyLength]] 
Return  to  Menu 

-ImportCert 

CertUtil  [Options]  -ImportCert  Certfile  [ExistingRow] 

Import  a  certificate  file  into  the  database 

Use  ExistingRow  to  import  the  certificate  in  place  of  a  pending  request  for  the  same  key. 

Use  -f  to  import  certificates  not  issued  by  the  CA. 

The  CA  may  also  need  to  be  configured  to  support  foreign  certificate  import:  certutil  -setreg  ca\KRAFIags 
+  KRAF_ENABLEFOREIGN 

[-f]  [-config  Machine\CAName] 

Return  to  Menu 

-GetKey 

CertUtil  [Options]  -GetKey  SearchToken  [RecoveryBlobOutFile] 

CertUtil  [Options]  -GetKey  SearchToken  script  OutputScriptFile 

CertUtil  [Options]  -GetKey  SearchToken  retrieve  |  recover  OutputFileBaseName 

Retrieve  archived  private  key  recovery  blob,  generate  a  recovery  script,  or  recover  archived  keys 

script:  generate  a  script  to  retrieve  and  recover  keys  (default  behavior  if  multiple  matching  recovery  candidates  are 
found,  or  if  the  output  file  is  not  specified). 

retrieve:  retrieve  one  or  more  Key  Recovery  Blobs  (default  behavior  if  exactly  one  matching  recovery  candidate  is 
found,  and  if  the  output  file  is  specified) 

recover:  retrieve  and  recover  private  keys  in  one  step  (requires  Key  Recovery  Agent  certificates  and  private  keys) 
SearchToken:  Used  to  select  the  keys  and  certificates  to  be  recovered. 

Can  be  any  of  the  following: 

1.  Certificate  Common  Name 

2.  Certificate  Serial  Number 

3.  Certificate  S  HA-1  hash  (thumbprint) 


4.  Certificate  Keyld  S HA-1  hash  (Subject  Key  Identifier) 

5.  Requester  Name  (domain\user) 

6.  UPN  (user@domain) 

RecoveryBlobOutFile:  output  file  containing  a  certificate  chain  and  an  associated  private  key,  still  encrypted  to  one 
or  more  Key  Recovery  Agent  certificates. 

OutputScriptFile:  output  file  containing  a  batch  script  to  retrieve  and  recover  private  keys. 

OutputFileBaseName:  output  file  base  name.  For  retrieve,  any  extension  is  truncated  and  a  certificate-specific 
string  and  the  ,rec  extension  are  appended  for  each  key  recovery  blob.  Each  file  contains  a  certificate  chain  and  an 
associated  private  key,  still  encrypted  to  one  or  more  Key  Recovery  Agent  certificates.  For  recover,  any  extension  is 
truncated  and  the  .pi  2  extension  is  appended.  Contains  the  recovered  certificate  chains  and  associated  private 
keys,  stored  as  a  PFX  file. 

[-f]  [-UnicodeText]  [-silent]  [-config  Machine\CAName]  [-p  Password]  [-ProtectTo  SAMNameAndSIDList]  [-csp 
Provider] 

Return  to  Menu 

-Recover Key 

CertUtil  [Options]  -RecoverKey  RecoveryBloblnFile  [PFXOutFile  [Recipientlndex]] 

Recover  archived  private  key 

[-f]  [-user]  [-silent]  [-split]  [-p  Password]  [-ProtectTo  SAMNameAndSIDList]  [-csp  Provider]  [-t  Timeout] 

Return  to  Menu 

-MergePFX 

CertUtil  [Options]  -MergePFX  PFXInFileList  PFXOutFile  [ExtendedProperties] 

PFXInFileList:  Comma  separated  PFX  input  file  list 
PFXOutFile:  PFX  output  file 
ExtendedProperties:  Include  extended  properties 

The  password  specified  on  the  command  line  is  a  comma  separated  password  list.  If  more  than  one  password  is 
specified,  the  last  password  is  used  for  the  output  file.  If  only  one  password  is  provided  or  if  the  last  password  is  "*", 
the  user  will  be  prompted  for  the  output  file  password. 

[-f]  [-user]  [-split]  [-p  Password]  [-ProtectTo  SAMNameAndSIDList]  [-csp  Provider] 

Return  to  Menu 

-ConvertEPF 

CertUtil  [Options]  -ConvertEPF  PFXInFileList  EPFOutFile  [cast  |  cast-]  [V3CACertld][,Salt] 

Convert  PFX  files  to  EPF  file 

PFXInFileList:  Comma  separated  PFX  input  file  list 

EPF:  EPF  output  file 

cast:  Use  CAST  64  encryption 

cast-:  Use  CAST  64  encryption  (export) 


V3C ACertld:  V3  CA  Certificate  match  token.  See  -store  Certld  description. 


Salt:  EPF  output  file  salt  string 

The  password  specified  on  the  command  line  is  a  comma  separated  password  list.  If  more  than  one  password  is 
specified,  the  last  password  is  used  for  the  output  file.  If  only  one  password  is  provided  or  if  the  last  password  is  "* 
the  user  will  be  prompted  for  the  output  file  password. 

[-f]  [-silent]  [-split]  [-dc  DCName]  [-p  Password]  [-csp  Provider] 

Return  to  Menu 

Options 

This  section  defines  the  options  that  you  can  specify  with  the  command. 


OPTIONS 

DESCRIPTION 

-nullsign 

Use  hash  of  data  as  signature 

-f 

Force  overwrite 

-enterprise 

Use  local  machine  Enterprise  registry  certificate  store 

-user 

Use  HKEY_CURRENT_USER  keys  or  certificate  store 

-GroupPolicy 

Use  Group  Policy  certificate  store 

-ut 

Display  user  templates 

-mt 

Display  machine  templates 

-Unicode 

Write  redirected  output  in  Unicode 

-UnicodeText 

Write  output  file  in  Unicode 

-gmt 

Display  times  as  GMT 

-seconds 

Display  times  with  seconds  and  milliseconds 

-silent 

Use  silent  flag  to  acquire  crypt  context 

-split 

Split  embedded  ASN.1  elements,  and  save  to  files 

-v 

Verbose  operation 

-privatekey 

Display  password  and  private  key  data 

-pin  PIN 

Smart  Card  PIN 

-urlfetch 

Retrieve  and  verify  AIA  Certs  and  CDP  CRLs 

-config  Machine\CAName 

CA  and  computer  name  string 

OPTIONS 


DESCRIPTION 


-Policy Server  URLOrld 

Policy  Server  URL  or  Id.  For  selection  U/l,  use  -PolicyServer.  For 
all  Policy  Servers,  use  -  PolicyServer  * 

-Anonymous 

Use  anonymous  SSL  credentials 

-Kerberos 

Use  Kerberos  SSL  credentials 

-ClientCertificate  ClientCertld 

Use  X.509  Certificate  SSL  credentials.  For  selection  U/l,  use  - 
clientCertificate. 

-UserName  UserName 

Use  named  account  for  SSL  credentials.  For  selection  U/l,  use  - 

UserName. 

-Cert  Certld 

Signing  certificate 

-dc  DCName 

Target  a  specific  Domain  Controller 

-restrict  RestrictionList 

Comma  separated  Restriction  List.  Each  restriction  consists  of  a 
column  name,  a  relational  operator  and  a  constant  integer, 
string  or  date.  One  column  name  may  be  preceded  by  a  plus 
or  minus  sign  to  indicate  the  sort  order.  Examples: 

"Requestld  =  47" 

"+RequesterName  >=  a,  RequesterName  <  b" 
"-RequesterName  >  DOMAIN,  Disposition  =  21" 

-out  ColumnList 

Comma  separated  Column  List 

-p  Password 

Password 

-Protect To  SAMNameAndSIDList 

Comma  separated  SAM  Name/SID  List 

-csp  Provider 

Provider 

-t  Timeout 

URL  fetch  timeout  in  milliseconds 

-symkeyalg  SymmetricKeyAlgorithm[,  Key  Length] 

Name  of  Symmetric  Key  Algorithm  with  optional  key  length, 
example:  AES,  128  or  3DES 

Return  to  Menu 


Additional  certutil  examples 

For  some  examples  of  how  to  use  this  command,  see 

1 .  Certutil  Examples  for  Managing  Active  Directory  Certificate  Services  (AD  CS)  from  the  Command  Line 

2.  Certutil  tasks  for  managing  certificates 

3.  Binary  Request  Export  Using  the  CertUtil.exe  Command-Line  Tool  Walkthrough 

4.  Root  CA  certificate  renewal 

5.  Certutil 


Return  to  Menu 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  remote  Desktop  Session  Host  (rd  Session  Host)  server  settings  for  logons,  COM  port  mappings,  and 
install  mode. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 


change  logon 
change  port 
change  user 


Parameters 


PARAMETER 


DESCRIPTION 


change  logon 


Enables  or  disables  logons  from  client  sessions  on  an  rd 
Session  Host  server,  or  displays  current  logon  status. 


change  port 


lists  or  changes  the  COM  port  mappings  to  be  compatible  with 
MS-DOS  applications. 


change  user 


changes  the  install  mode  for  the  rd  Session  Host  server. 


additional  references 

Command- Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


10/24/2017  *  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

change  logon 

Enables  or  disables  logons  from  client  sessions,  or  displays  current  logon  status.  This  utility  is  useful  for  system 
maintenance,  for  examples  of  how  to  use  this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  Tech  Net  Library. 


Syntax 


change  logon  {/query  |  /enable  |  /disable  |  /drain 

|  /drainuntilrestart} 

Parameters 

PARAMETER 

DESCRIPTION 

/query 

Displays  the  current  logon  status,  whether  enabled  or  disabled. 

/enable 

Enables  logons  from  client  sessions,  but  not  from  the  console. 

/disable 

Disables  subsequent  logons  from  client  sessions,  but  not  from 
the  console.  Does  not  affect  currently  logged  on  users. 

/drain 

Disables  logons  from  new  client  sessions,  but  allows 
reconnections  to  existing  sessions. 

/drainuntilrestart 

Disables  logons  from  new  client  sessions  until  the  computer  is 
restarted,  but  allows  reconnections  to  existing  sessions. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  Only  administrators  can  use  the  change  logon  command. 

•  Logons  are  re-enabled  when  you  restart  the  system.  If  you  are  connected  to  the  remote  Desktop  Session  Host  (rd 
Session  Host)  server  from  a  client  session  and  disable  logons,  and  then  log  off  before  re-enabling  logons,  you  will  not  be 
able  to  reconnect  to  your  session.  To  re-enable  logons  from  client  sessions,  log  on  at  the  console.  ##  Examples 

•  To  display  the  current  logon  status,  type:  change  logon  /query 

•  To  enable  logons  from  client  sessions,  type:  change  logon  /enable 

•  To  disable  client  logons,  type:  change  logon  /disable  ####  additional  references  Command- Line  Syntax  Key  change 
remote  Desktop  Services  (Terminal  Services)  Command  Reference 


change  port 

10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

lists  or  changes  the  COM  port  mappings  to  be  compatible  with  MS-DOS  applications,  for  examples  of  how  to  use 
this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 


change  port  [<PortX>=<PortY>  |  /d  <PortX>  |  /query] 

Parameters 

PARAMETER 

DESCRIPTION 

= 

Maps  COM  <PortX>  to  <PortY>. 

/d 

deletes  the  mapping  for  COM  <PortX>. 

/query 

Displays  the  current  port  mappings. 

/? 

Displays  help  at  the  command  prompt 

remarks 

•  Most  MS-DOS  applications  support  only  COM1  through  COM4  serial  ports.  The  change  port  command  maps  a  serial 
port  to  a  different  port  number,  allowing  applications  that  do  not  support  high-numbered  COM  ports  to  access  the  serial 
port,  remapping  works  only  for  the  current  session  and  is  not  retained  if  you  log  off  from  a  session  and  then  log  on 
again. 

•  Use  change  port  without  any  parameters  to  display  the  available  COM  ports  and  their  current  mappings.  ##  Examples 

•  To  map  COM1 2  to  COM1  for  use  by  an  MS-DOS-based  application,  type:  change  port  comi2=comi 

•  To  display  the  current  port  mappings,  type:  change  port  /query  ####  additional  references  Command- Line  Syntax  Key 
change  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


change  user 

1 0/24/2017  •  3  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 


changes  the  install  mode  for  the  remote  Desktop  Session  Host  (rd  Session  Host)  server,  for  examples  of  how  to 
use  this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  Tech  Net  Library. 

Syntax 

change  user  {/execute  |  /install  |  /query} 

Parameters 

PARAMETER 

DESCRIPTION 

/execute 

Enables  .ini  file  mapping  to  the  home  directory.  This  is  the 
default  setting. 

/install 

Disables  .ini  file  mapping  to  the  home  directory.  All  .ini  files  are 
read  and  written  to  the  system  directory.  You  must  disable  .ini 
file  mapping  when  installing  applications  on  an  rd  Session  Host 

server. 

/query 

Displays  the  current  setting  for  .ini  file  mapping. 

/?  Displays  help  at  the  command  prompt. 


remarks 

•  Use  change  user  /install  before  installing  an  application  to  create  .ini  files  for  the  application  in  the  system  directory. 
These  files  are  used  as  the  source  when  user-specific  .ini  files  are  created.  After  installing  the  application,  use  change  user 
/execute  to  revert  to  standard  .ini  file  mapping. 

•  The  first  time  that  you  run  the  application,  it  searches  the  home  directory  for  its  .ini  files.  If  the  .ini  files  are  not  found  in 
the  home  directory,  but  are  found  in  the  system  directory,  remote  Desktop  Services  copies  the  .ini  files  to  the  home 
directory,  ensuring  that  each  user  has  a  unique  copy  of  the  application  .ini  files.  Any  new  .ini  files  are  created  in  the  home 
directory. 

•  Each  user  should  have  a  unique  copy  of  the  .ini  files  for  an  application.  This  prevents  instances  where  different  users  might 
have  incompatible  application  configurations  (for  example,  different  default  directories  or  screen  resolutions). 

•  When  the  system  is  in  install  mode  (that  is,  change  user  /install),  several  things  occur.  All  registry  entries  that  are  created 
are  shadowed  under  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows  NT\Currentversion\Terminal 
Server\lnstall,  in  either  the  \SOFTWARE  subkey  or  the  \MACHINE  subkey.  Subkeys  added  to  HKEY_CURrenT_USER 
are  copied  under  the  \SOFTWARE  subkey,  and  subkeys  added  to  HKEY_LOCAL_MACHINE  are  copied  under  the 
\MACHINE  subkey.  If  the  application  queries  the  Windows  directory  by  using  system  calls,  such  as  GetWindowsdirectory, 
the  rd  Session  Host  server  returns  the  systemroot  directory.  If  any  .ini  file  entries  are  added  by  using  system  calls,  such  as 
WritePrivateProfileString,  they  are  added  to  the  .ini  files  under  the  systemroot  directory. 


When  the  system  returns  to  execution  mode  (that  is,  change  user  /execute),  and  the  application  tries  to  read  a  registry 
entry  under  HKEY_CURrenT_USER  that  does  not  exist,  remote  Desktop  Services  checks  to  see  whether  a  copy  of  the  key 
exists  under  the  \Terminal  Server\lnstall  subkey.  If  it  does,  the  subkeys  are  copied  to  the  appropriate  location  under 
HKEY_CURrenT_USER.  If  the  application  tries  to  read  from  an  .ini  file  that  does  not  exist,  remote  Desktop  Services 
searches  for  that  .ini  file  under  the  system  root.  If  the  .ini  file  is  in  the  system  root,  it  is  copied  to  the  \Windows 
subdirectory  of  the  user's  home  directory.  If  the  application  queries  the  Windows  directory,  the  rd  Session  Host  server 
returns  the\Windows  subdirectory  of  the  user's  home  directory. 

When  you  log  on,  remote  Desktop  Services  checks  whether  its  system  .ini  files  are  newer  than  the  .ini  files  on  your 
computer.  If  the  system  version  is  newer,  your  .ini  file  is  either  replaced  or  merged  with  the  newer  version.  This  depends 
on  whether  or  not  the  INISYNC  bit,  0x40,  is  set  for  this  .ini  file.  Your  previous  version  of  the  .ini  file  is  renamed  as  Inifile.ctx. 
If  the  system  registry  values  under  the  \Terminal  Server\lnstall  subkey  are  newer  than  your  version  under 
HKEY_CURrenT_USER,  your  version  of  the  subkeys  is  deleted  and  replaced  with  the  new  subkeys  from  \Terminal 
Server\lnstall.  ##  Examples 

To  disable  .ini  file  mapping  in  the  home  directory,  type:  change  user  /install 
To  enable  .ini  file  mapping  in  the  home  directory,  type:  change  user  /execute 

To  display  the  current  setting  for  .ini  file  mapping,  type:  change  user  /query  ####  additional  references  Command- Line 
Syntax  Key  change  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


chcp 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Changes  the  active  console  code  page.  If  used  without  parameters,  chcp  displays  the  number  of  the  active  console 
code  page. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

chcp  [<NNN>] 


Parameters 


PARAMETER 

DESCRIPTION 

<NNN> 

Specifies  the  code  page. 

/? 

Displays  help  at  the  command  prompt. 

The  following  table  lists  each  supported  code  page  and  its  country/region  or  language: 

CODE  PAGE 

COUNTRY/REGION  OR  LANGUAGE 

437 

United  States 

850 

Multilingual  (Latin  1) 

852 

Slavic  (Latin  II) 

855 

Cyrillic  (Russian) 

857 

Turkish 

860 

Portuguese 

861 

Icelandic 

863 

Canadian-French 

865 

Nordic 

866 

Russian 

869 

Modern  Greek 

Remarks 


•  Only  the  original  equipment  manufacturer  (OEM)  code  page  that  is  installed  with  Windows  appears  correctly  in 
a  Command  Prompt  window  that  uses  Raster  fonts.  Other  code  pages  appear  correctly  in  full-screen  mode  or 
in  Command  Prompt  windows  that  use  TrueType  fonts. 

•  You  do  not  need  to  prepare  code  pages  (as  in  MS-DOS). 

•  Programs  that  you  start  after  you  assign  a  new  code  page  use  the  new  code  page.  However,  programs  (except 
Cmd.exe)  that  you  start  before  you  assign  the  new  code  page  use  the  original  code  page. 

Examples 

To  view  the  active  code  page  setting,  type: 

chcp 

A  message  similar  to  the  following  appears: 

Active  code  page:  457 

To  change  the  active  code  page  to  850  (Multilingual),  type: 
chcp  850 

If  the  specified  code  page  is  invalid,  the  following  error  message  appears: 

Invalid  code  page 

Additional  references 

Command-Line  Syntax  Key 


chdir 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


This  command  is  the  same  as  the  cd  command. 
See  cd  for  syntax  and  parameters. 

additional  references 

•  Command-Line  Syntax  Key 


chglogon 

1 2/6/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Enables  or  disables  logons  from  client  sessions  on  an  rd  Session  Host  server,  or  displays  current  logon  status. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  change  logon  command. 

additional  references 

change  logon  Command- Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


chgport 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

lists  or  changes  the  COM  port  mappings  to  be  compatible  with  MS-DOS  applications. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  change  port  command. 

additional  references 

change  port  Command- Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


chgusr 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  install  mode  for  the  remote  Desktop  Session  Host  (rd  Session  Host)  server. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  change  user  command. 

additional  references 

change  user 

Command-Line  Syntax  Key 

remote  Desktop  Services  (Terminal  Services)  Command  Reference 


chkdsk 

4/1 3/2018  •  6  min  to  read  •  Edit  Online 

Checks  the  file  system  and  file  system  metadata  of  a  volume  for  logical  and  physical  errors.  If  used  without 
parameters,  chkdsk  displays  only  the  status  of  the  volume  and  does  not  fix  any  errors.  If  used  with  the  /f,  /r,  /x,  or 
/b  parameters,  it  fixes  errors  on  the  volume. 

IMPORTANT 

Membership  in  the  local  Administrators  group,  or  equivalent,  is  the  minimum  required  to  run  chkdsk.  To  open  a  command 
prompt  window  as  an  administrator,  right-click  Command  prompt  in  the  Start  menu,  and  then  click  Run  as  administrator. 

IMPORTANT 

Interrupting  chkdsk  is  not  recommended.  However,  canceling  or  interrupting  chkdsk  should  not  leave  the  volume  any  more 
corrupt  than  it  was  before  chkdsk  was  run.  Rerunning  chkdsk  checks  and  repairs  any  remaining  corruption  on  the  volume. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

chkdsk  [<Volume>[ [<Path>]<FileName>] ]  [/f]  [/v]  [ / n ] 

[/x]  [/i]  [/<=]  [ /I [ :  <Size>]  ]  [/b] 

Parameters 

PARAMETER 

DESCRIPTION 

<Volume> 

Specifies  the  drive  letter  (followed  by  a  colon),  mount  point,  or 
volume  name. 

[<  Path  >  ] 

Use  with  file  allocation  table  (FAT)  and  FAT32  only.  Specifies  the 
location  and  name  of  a  file  or  set  of  files  that  you  want 
chkdsk  to  check  for  fragmentation.  You  can  use  the  ?  and  * 
wildcard  characters  to  specify  multiple  files. 

ft 

Fixes  errors  on  the  disk.  The  disk  must  be  locked.  If  chkdsk 
cannot  lock  the  drive,  a  message  appears  that  asks  you  if  you 
want  to  check  the  drive  the  next  time  you  restart  the 
computer. 

N 

Displays  the  name  of  each  file  in  every  directory  as  the  disk  is 
checked. 

/r 

Locates  bad  sectors  and  recovers  readable  information.  The 
disk  must  be  locked,  /r  includes  the  functionality  of /f,  with 
the  additional  analysis  of  physical  disk  errors. 

PARAMETER 


DESCRIPTION 


/X 

Forces  the  volume  to  dismount  first,  if  necessary.  All  open 
handles  to  the  drive  are  invalidated,  /x  also  includes  the 
functionality  of /f. 

fi 

Use  with  NTFS  only.  Performs  a  less  vigorous  check  of  index 
entries,  which  reduces  the  amount  of  time  required  to  run 

chkdsk. 

/c 

Use  with  NTFS  only.  Does  not  check  cycles  within  the  folder 
structure,  which  reduces  the  amount  of  time  required  to  run 

chkdsk. 

/l[:  <  Sizes  ] 

Use  with  NTFS  only.  Changes  the  log  file  size  to  the  size  you 
type.  If  you  omit  the  size  parameter,  /I  displays  the  current 
size. 

/b 

NTFS  only:  Clears  the  list  of  bad  clusters  on  the  volume  and 
rescans  all  allocated  and  free  clusters  for  errors,  /b  includes 
the  functionality  of /r.  Use  this  parameter  after  imaging  a 
volume  to  a  new  hard  disk  drive. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Skipping  volume  checks 

The  /i  or  /c  switch  reduces  the  amount  of  time  required  to  run  chkdsk  by  skipping  certain  volume  checks. 

•  Checking  a  locked  drive  at  restart 

If  you  want  chkdsk  to  correct  disk  errors,  you  cannot  have  open  files  on  the  drive.  If  files  are  open,  the 
following  error  message  appears: 

Chkdsk  cannot  nun  because  the  volume  is  in  use  by  another  process.  Would  you  like  to  schedule  this 
volume  to  be  checked  the  next  time  the  system  restarts?  (Y/N) 

If  you  choose  to  check  the  drive  the  next  time  you  restart  the  computer,  chkdsk  checks  the  drive  and 
corrects  errors  automatically  when  you  restart  the  computer.  If  the  drive  partition  is  a  boot  partition, 
chkdsk  automatically  restarts  the  computer  after  it  checks  the  drive. 

You  can  also  use  the  chkntfs  /c  command  to  schedule  the  volume  to  be  checked  the  next  time  the 
computer  is  restarted.  Use  the  fsutil  dirty  set  command  to  set  the  volume's  dirty  bit  (indicating  corruption), 
so  that  Windows  runs  chkdsk  when  the  computer  is  restarted. 

•  Reporting  disk  errors 

You  should  use  chkdsk  occasionally  on  FAT  and  NTFS  file  systems  to  check  for  disk  errors.  Chkdsk 
examines  disk  space  and  disk  use  and  provides  a  status  report  specific  to  each  file  system.  The  status  report 
shows  errors  found  in  the  file  system.  If  you  run  chkdsk  without  the  /f  parameter  on  an  active  partition,  it 
might  report  spurious  errors  because  it  cannot  lock  the  drive. 

•  Fixing  logical  disk  errors 

Chkdsk  corrects  logical  disk  errors  only  if  you  specify  the  /f  parameter.  Chkdsk  must  be  able  to  lock  the 


drive  to  correct  errors. 


Because  repairs  on  FAT  file  systems  usually  change  a  disk's  file  allocation  table  and  sometimes  cause  a  loss 
of  data,  chkdsk  might  display  a  confirmation  message  similar  to  the  following: 

10  lost  allocation  units  found  in  3  chains. 

Convert  lost  chains  to  files? 

If  you  press  Y,  Windows  saves  each  lost  chain  in  the  root  directory  as  a  file  with  a  name  in  the  format 
File<nnnn>.chk.  When  chkdsk  finishes,  you  can  check  these  files  to  see  if  they  contain  any  data  you  need.  If 
you  press  N,  Windows  fixes  the  disk,  but  it  does  not  save  the  contents  of  the  lost  allocation  units. 

If  you  do  not  use  the  /f  parameter,  chkdsk  displays  a  message  that  the  file  needs  to  be  fixed,  but  it  does  not 
fix  any  errors. 

If  you  use  chkdsk  /f  on  a  very  large  disk  or  a  disk  with  a  very  large  number  of  files  (for  example,  millions  of 
files),  chkdsk  /f  might  take  a  long  time  to  complete. 

Finding  physical  disk  errors 

Use  the  /r  parameter  to  find  physical  disk  errors  in  the  file  system  and  attempt  to  recover  data  from  any 
affected  disk  sectors. 

Using  chkdsk  with  open  files 

If  you  specify  the  /f  parameter,  chkdsk  displays  an  error  message  if  there  are  open  files  on  the  disk.  If  you 
do  not  specify  the  /f  parameter  and  open  files  exist,  chkdsk  might  report  lost  allocation  units  on  the  disk. 
This  could  happen  if  open  files  have  not  yet  been  recorded  in  the  file  allocation  table.  If  chkdsk  reports  the 
loss  of  a  large  number  of  allocation  units,  consider  repairing  the  disk. 

Using  chkdsk  with  Shadow  Copies  for  Shared  Folders 

Because  the  Shadow  Copies  for  Shared  Folders  source  volume  cannot  be  locked  while  Shadow  Copies  for 
Shared  Folders  is  enabled,  running  chkdsk  against  the  source  volume  might  report  false  errors  or  cause 
chkdsk  to  unexpectedly  quit.  You  can,  however,  check  shadow  copies  for  errors  by  running  chkdsk  in  Read¬ 
only  mode  (without  parameters)  to  check  the  Shadow  Copies  for  Shared  Folders  storage  volume. 

Understanding  exit  codes 

The  following  table  lists  the  exit  codes  that  chkdsk  reports  after  it  has  finished. 


EXIT  CODE 

DESCRIPTION 

0 

No  errors  were  found. 

1 

Errors  were  found  and  fixed. 

2 

Performed  disk  cleanup  (such  as  garbage  collection)  or  did 
not  perform  cleanup  because  /f  was  not  specified. 

3 

Could  not  check  the  disk,  errors  could  not  be  fixed,  or 

errors  were  not  fixed  because  /f  was  not  specified. 


The  chkdsk  command,  with  different  parameters,  is  available  from  the  Recovery  Console. 

On  servers  that  are  infrequently  restarted,  you  may  want  to  use  the  chkntfs  or  the  fsutil  dirty  query 
commands  to  determine  whether  the  volume's  dirty  bit  is  already  set  before  running  chkdsk. 


Examples 

If  you  want  to  check  the  disk  in  drive  D  and  have  Windows  fix  errors,  type: 

chkdsk  d:  /f 

If  it  encounters  errors,  chkdsk  pauses  and  displays  messages.  Chkdsk  finishes  by  displaying  a  report  that  lists  the 
status  of  the  disk.  You  cannot  open  any  files  on  the  specified  drive  until  chkdsk  finishes. 

To  check  all  files  on  a  FAT  disk  in  the  current  directory  for  noncontiguous  blocks,  type: 

chkdsk  *.* 

Chkdsk  displays  a  status  report,  and  then  lists  the  files  that  match  the  file  specifications  that  have  noncontiguous 
blocks. 

Additional  references 

Command-Line  Syntax  Key 


chkntfs 
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Displays  or  modifies  automatic  disk  checking  when  the  computer  is  started.  If  used  without  options,  chkntfs 
displays  the  file  system  of  the  specified  volume.  If  automatic  file  checking  is  scheduled  to  run,  chkntfs  displays 
whether  the  specified  volume  is  dirty  or  is  scheduled  to  be  checked  the  next  time  the  computer  is  started. 


NOTE 

To  run  chkntfs,  you  must  be  a  member  of  the  Administrators  group. 


For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


chkntfs 

<Volume>  [ . . . ] 

chkntfs 

[M] 

chkntfs 

[ /t [ : <Time>] ] 

chkntfs 

[/x  <Volume>  [ . , 

chkntfs 

[/c  <Volume>  [ . , 

Parameters 

PARAMETER  DESCRIPTION 


<Volume>  [...] 

Specifies  one  or  more  volumes  to  check  when  the  computer 
starts.  Valid  volumes  include  drive  letters  (followed  by  a  colon), 
mount  points,  or  volume  names. 

/d 

Restores  all  chkntfs  default  settings,  except  the  countdown 
time  for  automatic  file  checking.  By  default,  all  volumes  are 
checked  when  the  computer  is  started,  and  chkdsk  runs  on 
those  that  are  dirty. 

/t  [:<Time>] 

Changes  the  Autochk.exe  initiation  countdown  time  to  the 
amount  of  time  specified  in  seconds.  If  you  do  not  enter  a 
time,  /t  displays  the  current  countdown  time. 

/x  <Volume>  [...] 

Specifies  one  or  more  volumes  to  exclude  from  checking  when 
the  computer  is  started,  even  if  the  volume  is  marked  as 
requiring  chkdsk. 

/c  <Volume>  [...] 

Schedules  one  or  more  volumes  to  be  checked  when  the 
computer  is  started,  and  runs  chkdsk  on  those  that  are  dirty. 

/?  Displays  help  at  the  command  prompt. 

Examples 


To  display  the  type  of  file  system  for  drive  C,  type: 


chkntfs  c: 


The  following  output  indicates  an  NTFS  file  system: 


The  type  of  the  file  system  is  NTFS. 


NOTE 

If  automatic  file  checking  is  scheduled  to  run,  additional  output  will  display,  indicating  whether  the  drive  is  dirty  or  has  been 
manually  scheduled  to  be  checked  the  next  time  the  computer  is  started. 


To  display  the  Autochk.exe  initiation  countdown  time,  type: 

chkntfs  /t 


For  example,  if  the  countdown  time  is  set  to  10  seconds,  the  following  output  displays: 

The  AUTOCHK  initiation  countdown  time  is  set  to  10  second(s). 


To  change  the  Autochk.exe  initiation  countdown  time  to  30  seconds,  type: 


The  /x  command-line  option  is  not  accumulative.  If  you  type  it  more  than  once,  the  most  recent  entry  overrides  the 
previous  entry.  To  exclude  multiple  volumes  from  being  checked,  you  must  list  each  of  them  in  a  single  command. 
For  example,  to  exclude  both  the  D  and  E  volumes,  type: 

chkntfs  /x  d:  e: 

The  /c  command-line  option  is  accumulative.  If  you  type  /c  more  than  once,  each  entry  remains.  To  ensure  that 
only  a  particular  volume  is  checked,  reset  the  defaults  to  clear  all  previous  commands,  exclude  all  volumes  from 
being  checked,  and  then  schedule  automatic  file  checking  on  the  desired  volume. 

For  example,  to  schedule  automatic  file  checking  on  the  D  volume  but  not  the  C  or  E  volumes,  type  the  following 
commands  in  order: 

chkntfs  /d 
chkntfs  /x  c:  d:  e: 
chkntfs  /c  d: 

Additional  references 

Command-Line  Syntax  Key 


choice 
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Prompts  the  user  to  select  one  item  from  a  list  of  single-character  choices  in  a  batch  program,  and  then  returns  the 
index  of  the  selected  choice.  If  used  without  parameters,  choice  displays  the  default  choices  Y  and  N. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

choice  [/c  [<ChoicelxChoice2x...>]  ]  [/n]  [/cs ]  [/t  <Timeout>  /d  <Choice>]  [/m  <"Text">] 


Parameters 

PARAMETER  DESCRIPTION 


/c  <Choice1  ><...> 

Specifies  the  list  of  choices  to  be  created.  Valid  choices  include 
a-z,  A-Z,  0-9,  and  extended  ASCII  characters  (128-254).  The 
default  list  is  "YN",  which  is  displayed  as  [y,n]?  . 

/n 

Hides  the  list  of  choices,  although  the  choices  are  still  enabled 
and  the  message  text  (if  specified  by  /m)  is  still  displayed. 

/cs 

Specifies  that  the  choices  are  case-sensitive.  By  default,  the 
choices  are  not  case-sensitive. 

/t  <  Timeout  > 

Specifies  the  number  of  seconds  to  pause  before  using  the 
default  choice  specified  by  /d.  Acceptable  values  are  from  0  to 
9999.  If /t  is  set  to  0,  choice  does  not  pause  before  returning 
the  default  choice. 

/d  <Choice> 

Specifies  the  default  choice  to  use  after  waiting  the  number  of 
seconds  specified  by  /t.  The  default  choice  must  be  in  the  list 
of  choices  specified  by  /c. 

/m  <"Text"> 

Specifies  a  message  to  display  before  the  list  of  choices.  If  /m 
is  not  specified,  only  the  choice  prompt  is  displayed. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  ERRORLEVEL  environment  variable  is  set  to  the  index  of  the  key  that  the  user  selects  from  the  list  of 
choices.  The  first  choice  in  the  list  returns  a  value  of  1,  the  second  a  value  of  2,  and  so  on.  If  the  user  presses  a 
key  that  is  not  a  valid  choice,  choice  sounds  a  warning  beep.  If  choice  detects  an  error  condition,  it  returns  an 
ERRORLEVEL  value  of  255.  If  the  user  presses  CTRL  +  BREAK  or  CTRL  +  C,  choice  returns  an  ERRORLEVEL 
value  of  0. 


NOTE 

When  you  use  ERRORLEVEL  values  in  a  batch  program,  list  them  in  decreasing  order. 


Examples 

To  present  the  choices  Y,  N,  and  C,  type  the  following  line  in  a  batch  file: 

choice  /c  ync 


The  following  prompt  appears  when  the  batch  file  runs  the  choice  command: 
[Yj  NjC] ? 


To  hide  the  choices  Y,  N,  and  C,  but  display  the  text  "Yes,  No,  or  Continue",  type  the  following  line  in  a  batch  file: 

choice  /c  ync  /n  /m  "Yes,  No,  on  Continue?" 


The  following  prompt  appears  when  the  batch  file  runs  the  choice  command: 


To  show  both  the  text  and  the  options  used  in  the  previous  examples,  type  the  following  line  in  a  batch  file: 

choice  /c  ync  /m  "Yes,  No,  or  Continue" 


The  following  prompt  appears  when  the  batch  file  runs  the  choice  command: 
Yes,  No,  or  Continue  [Y,N,C]? 


To  set  a  time  limit  of  five  seconds  and  specify  N  as  the  default  value,  type  the  following  line  in  a  batch  file: 

choice  /c  ync  /t  5  /d  n 


The  following  prompt  appears  when  the  batch  file  runs  the  choice  command: 


Additional  references 

Command-Line  Syntax  Key 


cipher 
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Displays  or  alters  the  encryption  of  directories  and  files  on  NTFS  volumes.  If  used  without  parameters,  cipher 
displays  the  encryption  state  of  the  current  directory  and  any  files  it  contains. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

cipher  [/e  |  /d  |  /c]  [/s:<Directory>]  [/b]  [/h ]  [PathName  [...]] 
cipher  /k 

cipher  /r:<FileName>  [/smartcard] 
cipher  /u  [/n] 
cipher  /w: <Directory> 
cipher  /x[:efsfile]  [FileName] 
cipher  /y 

cipher  /adduser  [/certhash : <Hash>  |  /certfile:<FileName>]  [/s :Directory]  [/b]  [/h]  [PathName  [...]] 
cipher  /removeuser  /certhash:<Hash>  [/s:<Directory>]  [/b]  [/h]  [<PathName>  [...]] 
cipher  /rekey  [PathName  [...]] 


Parameters 

PARAMETERS  DESCRIPTION 

/b  Aborts  if  an  error  is  encountered.  By  default,  cipher  continues 

to  run  even  if  errors  are  encountered. 


/C 

Displays  information  on  the  encrypted  file. 

/d 

Decrypts  the  specified  files  or  directories. 

/e 

Encrypts  the  specified  files  or  directories.  Directories  are 
marked  so  that  files  that  are  added  afterward  will  be 
encrypted. 

/h 

Displays  files  with  hidden  or  system  attributes.  By  default, 
these  files  are  not  encrypted  or  decrypted. 

/k 

Creates  a  new  certificate  and  key  for  use  with  Encrypting  File 
System  (EFS)  files.  If  the /k  parameter  is  specified,  all  other 
parameters  are  ignored. 

/r:<FileName>  [/smartcard] 

Generates  an  EFS  recovery  agent  key  and  certificate,  then 
writes  them  to  a  .pfx  file  (containing  certificate  and  private  key) 
and  a  .cer  file  (containing  only  the  certificate).  If /smartcard  is 
specified,  it  writes  the  recovery  key  and  certificate  to  a  smart 
card,  and  no  .pfx  file  is  generated. 

/s:<Directory> 

Performs  the  specified  operation  on  all  subdirectories  in  the 
specified  Directory. 

PARAMETERS 


DESCRIPTION 


/u  [/n] 

Finds  all  encrypted  files  on  the  local  drive(s).  If  used  with  the 
/n  parameter,  no  updates  are  made.  If  used  without  /n,  /u 
compares  the  user's  file  encryption  key  or  the  recovery  agent's 
key  to  the  current  ones,  and  updates  them  if  they  have 
changed.  This  parameter  works  only  with  /n. 

/w:<Directory> 

Removes  data  from  available  unused  disk  space  on  the  entire 
volume.  If  you  use  the  /w  parameter,  all  other  parameters  are 
ignored.  The  directory  specified  can  be  located  anywhere  in  a 
local  volume.  If  it  is  a  mount  point  or  points  to  a  directory  in 
another  volume,  the  data  on  that  volume  is  removed. 

/xfefsfile]  [<FileName>] 

Backs  up  the  EFS  certificate  and  keys  to  the  specified  file  name. 
If  used  with  :efsfile,  /x  backs  up  the  user's  certificate(s)  that 
were  used  to  encrypt  the  file.  Otherwise,  the  user's  current  EFS 
certificate  and  keys  are  backed  up. 

/y 

Displays  your  current  EFS  certificate  thumbnail  on  the  local 
computer. 

/adduser  [/certhash:<Hash> 

/certfile:] 

/rekey 

Updates  the  specified  encrypted  file(s)  to  use  the  currently 
configured  EFS  key. 

/removeuser  /certhash:<Hash> 

Removes  a  user  from  the  specified  file(s).  The  Hash  provided 
for  /certhash  must  be  the  SHA1  hash  of  the  certificate  to 

remove. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  If  the  parent  directory  is  not  encrypted,  an  encrypted  file  could  become  decrypted  when  it  is  modified. 
Therefore,  when  you  encrypt  a  file,  you  should  also  encrypt  the  parent  directory. 

•  An  administrator  can  add  the  contents  of  a  .cer  file  to  the  EFS  recovery  policy  to  create  the  recovery  agent  for 
users,  and  then  import  the  .pfx  file  to  recover  individual  files. 

•  You  can  use  multiple  directory  names  and  wildcards. 

•  You  must  put  spaces  between  multiple  parameters. 

Examples 

To  display  the  encryption  status  of  each  of  the  files  and  subdirectories  in  the  current  directory,  type: 

cipher 

Encrypted  files  and  directories  are  marked  with  an  E.  Unencrypted  files  and  directories  are  marked  with  a  U.  For 
example,  the  following  output  indicates  that  the  current  directory  and  all  its  contents  are  currently  unencrypted: 


Listing  C:\Users\MainUser\Documents\ 

New  files  added  to  this  directory  will  not  be  encrypted. 
U  Private 
U  hello.doc 
U  hello.txt 


To  enable  encryption  on  the  Private  directory  used  in  the  previous  example,  type: 

cipher  /e  private 


The  following  output  displays: 

Encrypting  files  in  C:\Users\MainUser\Documents\ 

Private  [OK] 

1  file(s)  [or  directorie(s)]  within  1  directorie(s)  were  encrypted. 


The  cipher  command  displays  the  following  output: 


Listing  C:\Users\MainUser\Documents\ 

New  files  added  to  this  directory  will  not  be  encrypted. 
E  Private 
U  hello.doc 
U  hello.txt 


Note  that  the  Private  directory  is  marked  as  encrypted. 

Additional  References 

Command-Line  Syntax  Key 


clip 
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Redirects  command  output  from  the  command  line  to  the  Windows  clipboard.  You  can  then  paste  this  text  output 
into  other  programs. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

<Command>  |  clip 
clip  <  <FileName> 


Parameters 

PARAMETER  DESCRIPTION 

< Command >  Specifies  a  command  whose  output  you  want  to  send  to  the 

Windows  Clipboard. 

<  FileName>  Specifies  a  file  whose  contents  you  want  to  send  to  the 

Windows  Clipboard. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

You  can  use  the  clip  command  to  copy  data  directly  into  any  application  that  can  receive  text  from  the  Clipboard. 

Examples 

To  copy  the  current  directory  listing  to  the  Windows  clipboard,  type: 
dir  |  clip 

To  copy  the  output  of  a  program  called  Generic.awk  to  the  Windows  Clipboard,  type: 
awk  -f  generic.awk  input.txt  |  clip 

To  copy  the  contents  of  a  file  called  Readme.txt  to  the  Windows  Clipboard,  type: 

clip  <  readme.txt 

Additional  references 


Command-Line  Syntax  Key 


els 
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Clears  the  Command  Prompt  window. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

els 


Parameters 

PARAMETER  DESCRIPTION 

/?  Displays  help  at  the  command  prompt. 

Examples 

To  clear  all  information  that  appears  in  the  Command  Prompt  window  and  return  to  a  blank  window,  type: 

els 

Additional  references 


Command-Line  Syntax  Key 


Cmd 
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Starts  a  new  instance  of  the  command  interpreter,  Cmd.exe.  If  used  without  parameters,  cmd  displays  the  version 
and  copyright  information  of  the  operating  system. 

Syntax 

cmd  [/c|/k]  [/s]  [/q  ]  [/d]  [/a|/u]  [/t :  {<BxF>  |  <F>}]  [/e :  {on  |  off }]  [/f :  {on  |  off }]  [/v:{on|off>]  [<String>] 

Parameters 


PARAMETER 

DESCRIPTION 

/C 

Carries  out  the  command  specified  by  String  and  then  stops. 

/k 

Carries  out  the  command  specified  by  String  and  continues. 

/s 

Modifies  the  treatment  of  String  after  /c  or  /k. 

/q 

Turns  the  echo  off. 

/d 

Disables  execution  of  AutoRun  commands. 

/a 

Formats  internal  command  output  to  a  pipe  or  a  file  as 
American  National  Standards  Institute  (ANSI). 

/u 

Formats  internal  command  output  to  a  pipe  or  a  file  as 
Unicode. 

/t:{<  B>  <  F>  |  <  F  > } 

Sets  the  background  (S)  and  foreground  (F)  colors. 

/e:on 

Enables  command  extensions. 

/e:off 

Disables  commands  extensions. 

/f:on 

Enables  file  and  directory  name  completion. 

/f:off 

Disables  file  and  directory  name  completion. 

/v:on 

Enables  delayed  environment  variable  expansion. 

/v:off 

Disables  delayed  environment  variable  expansion. 

<  String  > 

Specifies  the  command  you  want  to  carry  out. 

/? 

Displays  help  at  the  command  prompt. 

The  following  table  lists  valid  hexadecimal  digits  that  you  can  use  as  the  values  for  <B>  and  <F> 


VALUE 

COLOR 

0 

Black 

1 

Blue 

2 

Green 

3 

Aqua 

4 

Red 

5 

Purple 

6 

Yellow 

7 

White 

8 

Gray 

9 

Light  blue 

a 

Light  green 

b 

Light  aqua 

c 

Light  red 

d 

Light  purple 

e 

Light  yellow 

f 

Bright  white 

Remarks 

•  Using  multiple  commands 

To  use  multiple  commands  for  < Stri ng 
in  quotation  marks.  For  example: 

>,  separate  them  by  the  command  separator  &&  and  enclose  them 

"<Command>&&<Command>&&<Command>" 

•  Processing  quotation  marks 

If  you  specify  /c  or  /k,  cmd  processes  the  remainder  of  String,  and  quotation  marks  are  preserved  only  if  all 
of  the  following  conditions  are  met: 

o  You  do  not  use /s. 

o  You  use  exactly  one  set  of  quotation  marks. 

You  do  not  use  any  special  characters  within  the  quotation  marks  (for  example:  &  <  >  ( )  @  A  | ). 


o 


o  You  use  one  or  more  white-space  characters  within  the  quotation  marks, 
o  The  String  within  quotation  marks  is  the  name  of  an  executable  file. 

If  the  previous  conditions  are  not  met,  String  is  processed  by  examining  the  first  character  to  verify  whether 
it  is  an  opening  quotation  mark.  If  the  first  character  is  an  opening  quotation  mark,  it  is  stripped  along  with 
the  closing  quotation  mark.  Any  text  following  the  closing  quotation  marks  is  preserved. 

•  Executing  registry  subkeys 

If  you  do  not  specify  /d  in  String,  Cmd.exe  looks  for  the  following  registry  subkeys: 

HKEY_LOCAL_MACHINE\Software\Microsoft\Command  Processor\AutoRun\REG_SZ 
HKEY_CURRENT_USER\Software\Microsoft\Command  Processor\AutoRun\REG_EXPAND_SZ 

If  one  or  both  registry  subkeys  are  present,  they  are  executed  before  all  other  variables. 

Caution 

Incorrectly  editing  the  registry  may  severely  damage  your  system.  Before  making  changes  to  the  registry,  you 
should  back  up  any  valued  data  on  the  computer. 

•  Enabling  and  disabling  command  extensions 


Command  extensions  are  enabled  by  default  in  Windows  XP.  You  can  disable  them  for  a  particular  process  by 
using  **/e:off**.  You  can  enable  or  disable  extensions  for  all  **cmd**  command-line  options  on  a  computer  or 
user  session  by  setting  the  following  **REG_DWORD**  values: 

**HKEY_LOCAL_MACHINE\Software\Microsoft\Command  Processor\EnableExtensions\REG_DWORD** 

**HKEY_CURRENT_USER\Software\Microsoft\Command  Processor\EnableExtensions\REG_DWORD** 

Set  the  **REG_DWORD**  value  to  either  **0xl**  (enabled)  or  **0x0**  (disabled)  in  the  registry  by  using 
Regedit.exe.  User-specified  settings  take  precedence  over  computer  settings,  and  command-line  options  take 
precedence  over  registry  settings. 


[! CAUTION] 

Incorrectly  editing  the  registry  may  severely  damage  your  system.  Before  making  changes  to  the  registry, 
you  should  back  up  any  valued  data  on  the  computer. 


When  you  enable  command  extensions,  the  following 

commands  are  affected: 

- 

**assoc** 

- 

**call** 

- 

**chdir  (cd)** 

- 

**color** 

- 

**del  (erase)** 

- 

**endlocal** 

- 

**for** 

- 

**ftype** 

- 

**goto*  * 

- 

**if** 

- 

**mkdir  (md)** 

- 

**popd** 

- 

**prompt** 

- 

**pushd** 

- 

**set** 

- 

**setlocal** 

- 

**shift** 

- 

**start**  (also  includes  changes  to  external 

command  processes) 

•  Enabling  delayed  environment  variable  expansion 


If  you  enable  delayed  environment  variable  expansion,  you  can  use  the  exclamation  point  character  to 
substitute  the  value  of  an  environment  variable  at  run  time. 

•  Enabling  file  and  directory  name  completion 

File  and  directory  name  completion  is  not  enabled  by  default.  You  can  enable  or  disable  file  name 
completion  for  a  particular  process  of  the  cmd  command  with  /f:{on|off}.  You  can  enable  or  disable  file  and 
directory  name  completion  for  all  processes  of  the  cmd  command  on  a  computer  or  for  a  user  logon 
session  by  setting  the  following  REG_DWORD  values: 

HKEY_LOCAL_MACHINE\Software\Microsoft\Command 

Processor\CompletionChar\REG_DWORD 

HKEY_LOCAL_MACHINE\Software\Microsoft\Command 

Processor\PathCompletionChar\REG_DWORD 

HKEY_CURRENT_USER\Software\Microsoft\Command 

Processor\CompletionChar\REG_DWORD 

HKEY_CURRENT_USER\Software\Microsoft\Command 

Processor\PathCompletionChar\REG_DWORD 

To  set  the  REG_DWORD  value,  run  Regedit.exe  and  use  the  hexadecimal  value  of  a  control  character  for  a 
particular  function  (for  example,  0x9  is  TAB  and  0x08  is  BACKSPACE).  User-specified  settings  take 
precedence  over  computer  settings,  and  command-line  options  take  precedence  over  registry  settings. 

Caution 

Incorrectly  editing  the  registry  may  severely  damage  your  system.  Before  making  changes  to  the  registry,  you 
should  back  up  any  valued  data  on  the  computer. 

If  you  enable  file  and  directory  name  completion  by  using  /f:on,  use  CTRL  +  D  for  directory  name  completion  and 
CTRL  +  F  for  file  name  completion.  To  disable  a  particular  completion  character  in  the  registry,  use  the  value  for 
white  space  [0x20]  because  it  is  not  a  valid  control  character. 

When  you  press  CTRL  +  D  or  CTRL  +  F,  cmd  processes  file  and  directory  name  completion.  These  key  combination 
functions  append  a  wildcard  character  to  String  (if  one  is  not  present),  build  a  list  of  paths  that  match,  and  then 
display  the  first  matching  path.  If  none  of  the  paths  match,  the  file  and  directory  name  completion  function  beeps 
and  does  not  change  the  display.  To  move  through  the  list  of  matching  paths,  press  CTRL  +  D  or  CTRL  +  F 
repeatedly.  To  move  through  the  list  backwards,  press  the  SHIFT  key  and  CTRL  +  D  or  CTRL  +  F  simultaneously.  To 
discard  the  saved  list  of  matching  paths  and  generate  a  new  list,  edit  String  and  press  CTRL  +  D  or  CTRL  +  F.  If  you 
switch  between  CTRL  +  D  and  CTRL  +  F,  the  saved  list  of  matching  paths  is  discarded  and  a  new  list  is  generated. 
The  only  difference  between  the  key  combinations  CTRL  +  D  and  CTRL  +  F  is  that  CTRL  +  D  only  matches  directory 
names  and  CTRL  +  F  matches  both  file  and  directory  names.  If  you  use  file  and  directory  name  completion  on  any 
of  the  built-in  directory  commands  (that  is,  CD,  MD,  or  RD),  directory  completion  is  assumed. 

File  and  directory  name  completion  correctly  processes  file  names  that  contain  white  space  or  special  characters  if 
you  place  quotation  marks  around  the  matching  path. 

The  following  special  characters  require  quotation  marks:  &  <>[]{}A=;!'  +  ,'~  [white  space]. 

If  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example,  "Computer 
Name"). 

If  you  process  file  and  directory  name  completion  from  within  String,  any  part  of  the  Path  to  the  right  of  the  cursor 
is  discarded  (at  the  point  in  String  where  the  completion  was  processed). 

Additional  references 


Command-Line  Syntax  Key 


and  key 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

creates,  lists,  and  deletes  stored  user  names  and  passwords  or  credentials. 

Syntax 

cmdkey  [{/add : <TargetName> | /generic : <TargetName>}]  {/smartcard | /user :<UserName>  [/pass:<Password>]}  [/delete{ 
<TargetName> | /ras}]  /list : <TargetName> 

Parameters 


PARAMETERS 

DESCRIPTION 

/add: 

adds  a  user  name  and  password  to  the  list. 

Requires  the  parameter  of  which  identifies  the  computer  or 
domain  name  that  this  entry  will  be  associated  with. 

/generic: 

adds  generic  credentials  to  the  list. 

Requires  the  parameter  of  which  identifies  the  computer  or 
domain  name  that  this  entry  will  be  associated  with. 

/smartcard 

Retrieves  the  credential  from  a  smart  card. 

/user: 

Specifies  the  user  or  account  name  to  store  with  this  entry.  If 
UserName  is  not  supplied,  it  will  be  requested. 

/pass: 

Specifies  the  password  to  store  with  this  entry.  If  Password  is 
not  supplied,  it  will  be  requested. 

/delete}:  |  /ras} 

deletes  a  user  name  and  password  from  the  list.  If 
TargetName  is  specified,  that  entry  will  be  deleted.  If /ras  is 
specified,  the  stored  remote  access  entry  will  be  deleted. 

/list: 

Displays  the  list  of  stored  user  names  and  credentials.  If 
TargetName  is  not  specified,  all  stored  user  names  and 
credentials  will  be  listed. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  if  more  than  one  smart  card  is  found  on  the  system  when  the  /smartcard  command-line  option  is  used, 

cmdkey  will  display  information  about  all  available  smart  cards  and  then  prompt  the  user  to  specify  which  one 


to  use. 


Passwords  will  not  be  displayed  once  they  are  stored.  ##  Examples  To  display  a  list  of  all  user  names  and 
credentials  that  are  stored,  type:  cmdkey  /list  To  add  a  user  name  and  password  for  user  Mikedan  to  access 
computer  ServerOI  with  the  password  Kleo,  type:  cmdkey  /add:server@i  /user:mikedan  /pass:Kieo  To  add  a  user 
name  and  password  for  user  Mikedan  to  access  computer  ServerOI  and  prompt  for  the  password  whenever 
ServerOI  is  accessed,  type:  cmdkey  /add:serverei  /usemmikedan  To  delete  the  credential  that  remote  access  has 
stored,  type:  cmdkey  /delete  /ras  To  delete  the  credential  that  is  stored  for  ServerOI ,  type: 
cmdkey  /delete iServerei  ##  additional  references  Command-Line  Syntax  Key 


cmstp 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Installs  or  removes  a  Connection  Manager  service  profile.  Used  without  optional  parameters,  cmstp  installs  a 
service  profile  with  default  settings  appropriate  to  the  operating  system  and  to  the  user's  permissions. 

Syntax 

Syntax  1 : 

ServiceProfileFileName  .exe  /q:a  /c : "cmstp. exe  ServiceProfileFileName  .inf  [/nf]  [/ni]  [/ns]  [/s]  [/su]  [/u]" 


Syntax  2: 

cmstp.exe  [/nf]  [/ni]  [/ns]  [/s]  [/su]  [/u] 

[Drive : ] [ path] ServiceProfileFileName. inf " 

Parameters 

PARAMETER 

DESCRIPTION 

<  ServiceProfileFileName  >.exe 

Specifies,  by  name,  the  installation  package  that  contains  the 
profile  that  you  want  to  install. 

Required  for  Syntax  1  but  not  valid  for  Syntax  2. 

/q:a 

Specifies  that  the  profile  should  be  installed  without 
prompting  the  user.  The  verification  message  that  the 
installation  has  succeeded  will  still  appear. 

Required  for  Syntax  1  but  not  valid  for  Syntax  2. 

[Drive:][path]  .inf 

Required.  Specifies,  by  name,  the  configuration  file  that 
determines  how  the  profile  should  be  installed. 

The  [Drive:] [path]  parameter  is  not  valid  for  Syntax  1 . 

/nf 

Specifies  that  the  support  files  should  not  be  installed. 

/ni 

Specifies  that  a  desktop  icon  should  not  be  created.  This 
parameter  is  only  valid  for  computers  running  Windows  95, 
Windows  98,  Windows  NT  4.0,  or  Windows  Millennium 

edition. 

/ns 

Specifies  that  a  desktop  shortcut  should  not  be  created.  This 
parameter  is  only  valid  for  computers  running  a  member  of 
the  Windows  Server  2003  family,  Windows  2000,  or  Windows 

XR 

PARAMETER 


DESCRIPTION 


/s  Specifies  that  the  service  profile  should  be  installed  or 

uninstalled  silently  (without  prompting  for  user  response  or 
displaying  verification  message). 


/su  Specifies  that  the  service  profile  should  be  installed  for  a  single 

user  rather  than  for  all  users.  This  parameter  is  only  valid  for 
computers  running  a  Windows  Server  2003,  Windows  2000, 
or  Windows  XR 


/au  Specifies  that  the  service  profile  should  be  installed  for  all 

users.  This  parameter  is  only  valid  for  computers  running 
Windows  Server  2003,  Windows  2000,  or  Windows  XR 


/u 


Specifies  that  the  service  profile  should  be  uninstalled. 


/?  Displays  help  at  the  command  prompt. 

remarks 

/s  is  the  only  parameter  that  you  can  use  in  combination  with  /u.  Syntax  1  is  the  typical  syntax  used  in  a  custom 
installation  application.  To  use  this  syntax,  you  must  run  cmstp  from  the  directory  that  contains  the  .exe  file. 

Examples 

To  install  the  Fiction  service  profile  without  any  support  files,  type: 

fiction.exe  /c: "cmstp.exe  fiction. inf  /nf" 


To  silently  install  the  Fiction  service  profile  for  a  single  user,  type: 

fiction.exe  /c : "cmstp.exe  fiction. inf  /s  /su" 


To  silently  uninstall  the  Fiction  service  profile,  type: 

fiction.exe  /c: "cmstp.exe  fiction. inf  /s  /u" 


additional  references 


•  Command-Line  Syntax  Key 


color 
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Changes  the  foreground  and  background  colors  in  the  Command  Prompt  window  for  the  current  session.  If  used 
without  parameters,  color  restores  the  default  Command  Prompt  window  foreground  and  background  colors. 

For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


color  [ [<B>] <F>] 

Parameters 

PARAMETER 

DESCRIPTION 

<B> 

Specifies  the  background  color. 

<F> 

Specifies  the  foreground  color. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  following  table  lists  valid  hexadecimal  digits  that  you  can  use  as  the  values  for  B  and  F. 

|Value|Color|  | - 1 - 1  |0|Black|  1 1 1 B I ue|  |2 |G reen |  |3|Aqua|  |4|Red|  |5|Purple|  |6|Yellow|  |7|White|  |8|Gray| 

|9| Light  blue|  |A| Light  green |  |B| Light  aqua|  |C| Light  red|  | D| Light  purple|  |E| Light  yellow|  | F | B right  white] 

•  Do  not  use  space  characters  between  B  and  F. 

•  If  you  specify  only  one  hexadecimal  digit,  the  corresponding  color  is  used  as  the  foreground  color  and  the 
background  color  is  set  to  the  default  color. 

•  To  set  the  default  Command  Prompt  window  color,  click  the  upper-left  corner  of  the  Command  Prompt  window, 
click  Defaults,  click  the  Colors  tab,  and  then  click  the  colors  that  you  want  to  use  for  the  Screen  Text  and 
Screen  Background. 

•  If  B  and  F  are  the  same,  the  color  command  sets  ERRORLEVEL  to  1,  and  no  change  is  made  to  either  the 
foreground  or  the  background  color. 

Examples 

To  change  the  Command  Prompt  window  background  color  to  gray  and  the  foreground  color  to  red,  type: 

color  84 

To  change  the  Command  Prompt  window  foreground  color  to  light  yellow,  type: 

color  e 


NOTE 

In  this  example,  the  background  is  set  to  the  default  color  because  only  one  hexadecimal  digit  is  specified. 


Additional  references 

Command-Line  Syntax  Key 


comp 
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Compares  the  contents  of  two  files  or  sets  of  files  byte-by-byte.  If  used  without  parameters,  comp  prompts  you  to 
enter  the  files  to  compare. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

comp  [<Datal>]  [<Data2>]  [/d ]  [/a]  [ /I ]  [/n=<Number>]  [/c] 

Parameters 


PARAMETER 

DESCRIPTION 

<Data1  > 

Specifies  the  location  and  name  of  the  first  file  or  set  of  files 
that  you  want  to  compare.  You  can  use  wildcard  characters  (* 
and  ?)  to  specify  multiple  files. 

<Data2> 

Specifies  the  location  and  name  of  the  second  file  or  set  of  files 
that  you  want  to  compare.  You  can  use  wildcard  characters  (* 
and  ?)  to  specify  multiple  files. 

/d 

Displays  differences  in  decimal  format.  (The  default  format  is 
hexadecimal.) 

/a 

Displays  differences  as  characters. 

/I 

Displays  the  number  of  the  line  where  a  difference  occurs, 
instead  of  displaying  the  byte  offset. 

/n=  <Number> 

Compares  only  the  number  of  lines  that  are  specified  for  each 
file,  even  if  the  files  are  different  sizes. 

/c 

Performs  a  comparison  that  is  not  case-sensitive. 

/offfline] 

Processes  files  with  the  offline  attribute  set. 

/? 

Displays  Help  at  the  command  prompt. 

Remarks 

•  How  the  comp  command  identifies  mismatching  information 

During  the  comparison,  comp  displays  messages  that  identify  the  locations  of  unequal  information  between 
the  files.  Each  message  indicates  the  offset  memory  address  of  the  unequal  bytes  and  the  contents  of  the 
bytes  (in  hexadecimal  notation  unless  the /a  or/d  command-line  parameter  is  specified).  Messages  appear 
in  the  following  format: 


Compare  error  at  OFFSET  xxxxxxxx 


filel  =  xx 

file2  =  xx 

After  ten  unequal  comparisons,  comp  stops  comparing  the  files  and  displays  the  following  message: 

10  Mismatches  -  ending  compare 

•  Handling  special  cases  for  Data 7  and  Data2 

o  If  you  omit  necessary  components  of  either  Data  1  or  Data2  or  if  you  omit  Data2,  comp  prompts  you 
for  the  missing  information. 

o  If  Data  7  contains  only  a  drive  letter  or  a  directory  name  with  no  file  name,  comp  compares  all  of  the  files 
in  the  specified  directory  to  the  file  specified  in  Data  7. 
o  If  Data2  contains  only  a  drive  letter  or  a  directory  name,  the  default  file  name  for  Data2  is  the  same  as 
that  in  Data 7. 

o  If  comp  cannot  find  the  file(s)  you  specify,  it  prompts  you  with  a  message  to  determine  whether  you 
want  to  compare  more  files. 

•  Comparing  files  in  different  locations 

Comp  can  compare  files  on  the  same  drive  or  on  different  drives,  and  in  the  same  directory  or  in  different 
directories.  When  comp  compares  the  files,  it  displays  their  locations  and  file  names. 

•  Comparing  files  with  the  same  names 

The  files  that  you  compare  can  have  the  same  file  name,  provided  they  are  in  different  directories  or  on 
different  drives.  If  you  do  not  specify  a  file  name  for  Data2,  the  default  file  name  for  Data2  is  the  same  as 
the  file  name  in  Data  7.  You  can  use  wildcard  characters  (*  and  ?)  to  specify  file  names. 

•  Comparing  files  of  different  sizes 

You  must  specify  /n  to  compare  files  of  different  sizes.  If  the  file  sizes  are  different  and  /n  is  not  specified, 
comp  displays  the  following  message: 

Files  are  different  sizes 

Compare  more  files  (Y/N)? 

To  compare  these  files,  press  N  to  stop  the  comp  command.  Then,  rerun  the  comp  command  with  the  /n 
option  to  compare  only  the  first  portion  of  each  file. 

•  Comparing  files  sequentially 

If  you  use  wildcard  characters  (*  and  ?)  to  specify  multiple  files,  comp  finds  the  first  file  that  matches  Data  7 
and  compares  it  with  the  corresponding  file  in  Data2,  if  it  exists.  The  comp  command  reports  the  results  of 
the  comparison  for  each  file  matching  Data  7.  When  finished,  comp  displays  the  following  message: 

Compare  more  files  (Y/N)? 

To  compare  more  files,  press  Y.  The  comp  command  prompts  you  for  the  locations  and  names  of  the  new 
files.  To  stop  the  comparisons,  press  N.  When  you  press  Y,  comp  prompts  you  for  command-line  options  to 
use.  If  you  do  not  specify  any  command-line  options,  comp  uses  the  ones  you  specified  before. 

Examples 

To  compare  the  contents  of  the  directory  C:\Reports  with  the  backup  directory  \\Sales\Backup\April,  type: 


comp  c:\reports  \\sales\backup\april 


To  compare  the  first  ten  lines  of  the  text  files  in  the\lnvoice  directory  and  display  the  result  in  decimal  format,  type: 


comp  \invoice\* .txt  \invoice\backup\* .txt  /n=10  /d 


Additional  references 

Command-Line  Syntax  Key 


compact 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Displays  or  alters  the  compression  of  files  or  directories  on  NTFS  partitions.  If  used  without  parameters,  compact 
displays  the  compression  state  of  the  current  directory  and  the  files  it  contains. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

compact  [/c  |  /u ]  [/s[:<Dir>]]  [/a]  [/i]  [/f]  [/q]  [<FileName>[ . . . ] ] 


Parameters 


PARAMETER 

DESCRIPTION 

/C 

Compresses  the  specified  directory  or  file. 

/u 

Uncompresses  the  specified  directory  or  file. 

/s[:<  Dir>] 

Applies  the  compact  command  to  all  subdirectories  of  the 
specified  directory  (or  of  the  current  directory  if  none  is 
specified). 

/a 

Displays  hidden  or  system  files. 

/i 

Ignores  errors. 

/f 

Forces  compression  or  uncompression  of  the  specified 
directory  or  file,  /f  is  used  in  the  case  of  a  file  that  was  partly 
compressed  when  the  operation  was  interrupted  by  a  system 
crash.  To  force  the  file  to  be  compressed  in  its  entirety,  use  the 
/c  and  /f  parameters  and  specify  the  partially  compressed  file. 

/q 

Reports  only  the  most  essential  information. 

<FileName> 

Specifies  the  file  or  directory.  You  can  use  multiple  file  names, 
and  the  *  and  ?  wildcard  characters. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  compact  command  is  the  command-line  version  of  the  NTFS  file  system  compression  feature.  The 
compression  state  of  a  directory  indicates  whether  files  are  automatically  compressed  when  they  are  added  to 
the  directory.  Setting  the  compression  state  of  a  directory  does  not  necessarily  change  the  compression  state  of 
files  that  are  already  in  the  directory. 

•  You  cannot  use  compact  to  read,  write,  or  mount  volumes  that  have  been  compressed  using  DriveSpace  or 
DoubleSpace. 


•  You  cannot  use  compact  to  compress  file  allocation  table  (FAT)  or  FAT32  partitions. 


Examples 

To  set  the  compression  state  of  the  current  directory,  its  subdirectories,  and  existing  files,  type: 

compact  /c  /s 

To  set  the  compression  state  of  files  and  subdirectories  within  the  current  directory,  without  altering  the 
compression  state  of  the  current  directory  itself,  type: 


compact  /c  /s  *.* 


To  compress  all  files  with  the  .bmp  file  name  extension  in  the  \Tmp  directory  and  all  subdirectories  of  \Tmp,  without 
modifying  the  compressed  attribute  of  the  directories,  type: 

compact  /c  /s:\tmp  *.bmp 

To  force  complete  compression  of  the  file  Zebra.bmp,  which  was  partially  compressed  during  a  system  crash,  type: 

compact  / c  /f  zebra.bmp 

To  remove  the  compressed  attribute  from  the  directory  C:\Tmp,  without  changing  the  compression  state  of  any 
files  in  that  directory,  type: 

compact  /u  c:\tmp 

Additional  references 

Command-Line  Syntax  Key 


convert 
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Converts  file  allocation  table  (FAT)  and  FAT32  volumes  to  the  NTFS  file  system,  leaving  existing  files  and 
directories  intact.  Volumes  converted  to  the  NTFS  file  system  cannot  be  converted  back  to  FAT  or  FAT32. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

convert  [<Volume>]  /fs:ntfs  [/v]  [/cvtarea : <FileName>] 

[/nosecurity]  [/x] 

Parameters 

PARAMETER 

DESCRIPTION 

<Volume> 

Specifies  the  drive  letter  (followed  by  a  colon),  mount  point,  or 
volume  name  to  convert  to  NTFS. 

/fs:ntfs 

Required.  Converts  the  volume  to  NTFS. 

/v 

Runs  convert  in  verbose  mode,  which  displays  all  messages 
during  the  conversion  process. 

/cvtarea:<  FileName> 

Specifies  that  the  Master  File  Table  (MFT)  and  other  NTFS 
metadata  files  are  written  to  an  existing,  contiguous 
placeholder  file.  This  file  must  be  in  the  root  directory  of  the 
file  system  to  be  converted.  Use  of  the  /cvtarea  parameter 
can  result  in  a  less  fragmented  file  system  after  conversion. 

For  best  results,  the  size  of  this  file  should  be  1  KB  multiplied 
by  the  number  of  files  and  directories  in  the  file  system, 
although  the  convert  utility  accepts  files  of  any  size. 

Important:  You  must  create  the  placeholder  file  by  using  the 
fsutil  file  createnew  command  prior  to  running  convert. 
Convert  does  not  create  this  file  for  you.  Convert  overwrites 
this  file  with  NTFS  metadata.  After  conversion,  any  unused 
space  in  this  file  is  freed. 

/nosecurity 

Specifies  that  the  security  settings  on  the  converted  files  and 
directories  allow  access  by  all  users. 

/x 

Dismounts  the  volume,  if  necessary,  before  it  is  converted. 

Any  open  handles  to  the  volume  will  no  longer  be  valid. 

/? 

Remarks 

Displays  help  at  the  command  prompt. 

•  If  convert  cannot  lock  the  drive  (for  example,  the  drive  is  the  system  volume  or  the  current  drive),  you  are  given 
the  option  to  convert  the  drive  the  next  time  you  restart  the  computer.  If  you  cannot  restart  the  computer 
immediately  to  complete  the  conversion,  plan  a  time  to  restart  the  computer  and  allow  extra  time  for  the 


conversion  process  to  complete. 

•  For  volumes  converted  from  FAT  or  FAT32  to  NTFS: 

Due  to  existing  disk  usage,  the  MFT  is  created  in  a  different  location  than  on  a  volume  originally  formatted 
with  NTFS,  so  volume  performance  might  not  be  as  good  as  on  volumes  originally  formatted  with  NTFS. 
For  optimal  performance,  consider  recreating  these  volumes  and  formatting  them  with  the  NTFS  file 
system. 

Volume  conversion  from  FAT  or  FAT32  to  NTFS  leaves  the  files  intact,  but  the  volume  might  lack  some 
performance  benefits  compared  to  volumes  initially  formatted  with  NTFS.  For  example,  the  MFT  might 
become  fragmented  on  converted  volumes.  In  addition,  on  converted  boot  volumes,  convert  applies  the 
same  default  security  that  is  applied  during  Windows  Setup. 

Examples 

To  convert  the  volume  on  drive  E  to  NTFS  and  display  all  messages  during  the  conversion  process,  type: 

convert  e:  /fs:ntfs  /v 

Additional  references 

Command-Line  Syntax  Key 


copy 
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Copies  one  or  more  files  from  one  location  to  another. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

copy  [/d]  [/v]  [/n]  [/y  |  /-y]  [/z]  [/a  |  /b]  <Source> 
[/a  |  /b]] 

[/a  |  /b]  [+<Source>  [/a  |  /b]  [+  ...]]  [<Destination> 

Parameters 

PARAMETER 

DESCRIPTION 

/d 

Allows  the  encrypted  files  being  copied  to  be  saved  as 
decrypted  files  at  the  destination. 

/V 

Verifies  that  new  files  are  written  correctly. 

/n 

Uses  a  short  file  name,  if  available,  when  copying  a  file  with  a 
name  longer  than  eight  characters,  or  with  a  file  name 
extension  longer  than  three  characters. 

/y 

Suppresses  prompting  to  confirm  that  you  want  to  overwrite 
an  existing  destination  file. 

/-y 

Prompts  you  to  confirm  that  you  want  to  overwrite  an 
existing  destination  file. 

/z 

Copies  networked  files  in  restartable  mode. 

/a 

Indicates  an  ASCII  text  file. 

/b 

Indicates  a  binary  file. 

<Source> 

Required.  Specifies  the  location  from  which  you  want  to  copy  a 
file  or  set  of  files.  Source  can  consist  of  a  drive  letter  and  colon, 
a  directory  name,  a  file  name,  or  a  combination  of  these. 

<Destination> 

Required.  Specifies  the  location  to  which  you  want  to  copy  a 
file  or  set  of  files.  Destination  can  consist  of  a  drive  letter  and 
colon,  a  directory  name,  a  file  name,  or  a  combination  of 
these. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 


You  can  copy  an  ASCII  text  file  that  uses  an  end-of-file  character  (CTRL  +  Z)  to  indicate  the  end  of  the  file. 
Using  /a 

When  /a  precedes  or  follows  a  list  of  files  on  the  command  line,  it  applies  to  all  files  listed  until  copy 
encounters  /b.  In  this  case,  /b  applies  to  the  file  preceding  /b. 

The  effect  of  /a  depends  on  its  position  in  the  command-line  string.  When  /a  follows  Source,  copy  treats 
the  file  as  an  ASCII  file  and  copies  data  that  precedes  the  first  end-of-file  character  (CTRL+Z). 

When  /a  follows  Destination,  copy  adds  an  end-of-file  character  (CTRL+Z)  as  the  last  character  of  the  file. 

Using  /b 

/b  directs  the  command  interpreter  to  read  the  number  of  bytes  specified  by  the  file  size  in  the  directory. /b 
is  the  default  value  for  copy,  unless  copy  combines  files. 

When  /b  precedes  or  follows  a  list  of  files  on  the  command  line,  it  applies  to  all  listed  files  until  copy 
encounters  /a.  In  this  case,  /a  applies  to  the  file  preceding  /a. 

The  effect  of  /b  depends  on  its  position  in  the  command-line  string.  When  /b  follows  Source,  copy  copies 
the  entire  file,  including  any  end-of-file  character  (CTRL  +  Z). 

When  /b  follows  Destination,  copy  does  not  add  an  end-of-file  character  (CTRL+Z). 

Using  /v 

If  a  write  operation  cannot  be  verified  an  error  message  appears.  Although  recording  errors  rarely  occur 
with  copy,  you  can  use  /v  to  verify  that  critical  data  has  been  correctly  recorded.  The  /v  command-line 
option  also  slows  down  the  copy  command,  because  each  sector  recorded  on  the  disk  must  be  checked. 

Using  /y  and  /-y 

If  /y  is  preset  in  the  COPYCMD  environment  variable,  you  can  override  this  setting  by  using  /-y  at  the 
command  line.  By  default,  you  are  prompted  when  you  replace  this  setting,  unless  the  copy  command  is 
executed  in  a  batch  script. 

Appending  files 

To  append  files,  specify  a  single  file  for  Destination,  but  multiple  files  for  Source  (use  wildcard  characters  or 
Fiiel  +  File2+Fiie3  format). 

Using  /z 

If  the  connection  is  lost  during  the  copy  phase  (for  example,  if  the  server  going  offline  breaks  the 
connection),  copy  /z  resumes  after  the  connection  is  re-established,  /z  also  displays  the  percentage  of  the 
copy  operation  that  is  completed  for  each  file. 

Copying  to  and  from  devices 

You  can  substitute  a  device  name  for  one  or  more  occurrences  of  Source  or  Destination. 

Using  or  omitting  /b  when  copying  to  a  device 

When  Destination  is  a  device  (for  example,  Coml  or  Lptl),  /b  copies  data  to  the  device  in  binary  mode.  In 
binary  mode,  copy  /b  copies  all  characters  (including  special  characters  such  as  CTRL  +  C,  CTRL  +  S, 

CTRL  +  Z,  and  ENTER)  to  the  device  as  data.  However,  if  you  omit/b,  data  is  copied  to  the  device  in  ASCII 
mode.  In  ASCII  mode,  special  characters  might  cause  files  to  combine  during  the  copying  process. 

Using  the  default  destination  file 

If  you  do  not  specify  a  destination  file,  a  copy  is  created  with  the  same  name,  modified  date,  and  modified 


time  as  the  original  file.  The  new  copy  is  stored  in  the  current  directory  on  the  current  drive.  If  the  source  file 
is  on  the  current  drive  and  in  the  current  directory  and  you  do  not  specify  a  different  drive  or  directory  for 
the  destination  file,  the  copy  command  stops  and  displays  the  following  error  message: 

File  cannot  be  copied  onto  itself 

0  File(s)  copied 

•  Combining  files 

If  you  specify  more  than  one  file  in  Source,  copy  combines  them  all  into  a  single  file  using  the  file  name 
specified  in  Destination.  Copy  assumes  the  combined  files  are  ASCII  files  unless  you  use  the  /b  option. 

•  Copying  zero-length  files 

Copy  does  not  copy  files  that  are  0  bytes  long.  Use  xcopy  to  copy  these  files. 

•  Changing  the  time  and  date  of  a  file 

If  you  want  to  assign  the  current  time  and  date  to  a  file  without  modifying  the  file,  use  the  following  syntax: 

copy  /b  <Source>  +,, 

The  commas  indicate  the  omission  of  the  Destination  parameter. 

•  Copying  files  in  subdirectories 

To  copy  all  of  a  directory's  files  and  subdirectories,  use  the  xcopy  command. 

•  The  copy  command,  with  different  parameters,  is  available  from  the  Recovery  Console. 

Examples 

To  copy  a  file  called  Memo.doc  to  Letter.doc  in  the  current  drive  and  ensure  that  an  end-of-file  character  (CTRL  +  Z) 
is  at  the  end  of  the  copied  file,  type: 

copy  memo.doc  letter.doc  /a 

To  copy  a  file  named  Robin.typ  from  the  current  drive  and  directory  to  an  existing  directory  named  Birds  that  is 
located  on  drive  C,  type: 

copy  robin.typ  c:\birds 

If  the  Birds  directory  does  not  exist,  the  file  Robin.typ  is  copied  into  a  file  named  Birds  that  is  located  in  the  root 
directory  on  the  disk  in  drive  C. 

To  combine  Mar89.rpt,  Apr89.rpt,  and  May89.rpt,  which  are  located  in  the  current  directory,  and  place  them  in  a  file 
named  Report  (also  in  the  current  directory),  type: 

copy  mar89.rpt  +  apr89.rpt  +  may89.rpt  Report 

When  you  combine  files,  copy  marks  the  destination  file  with  the  current  date  and  time.  If  you  omit  Destination, 
the  files  are  combined  and  stored  under  the  name  of  the  first  file  in  the  list.  For  example,  to  combine  all  files  in 
Report  when  a  file  named  Report  already  exists,  type: 


copy  report  +  mar89.rpt  +  apr89.rpt  +  may89.rpt 

To  combine  all  files  in  the  current  directory  that  have  the.txt  file  name  extension  into  a  single  file  named 
Combined.doc,  type: 

copy  *.txt  Combined.doc 

If  you  want  to  combine  several  binary  files  into  one  file  by  using  wildcard  characters,  include  /b.  This  prevents 
Windows  from  treating  CTRL  +  Z  as  an  end-of-file  character.  For  example,  type: 

copy  /b  *.exe  Combined.exe 

Caution 

If  you  combine  binary  files,  the  resulting  file  might  be  unusable  due  to  internal  formatting. 

In  the  following  example,  copy  combines  each  file  that  has  a  .txt  extension  with  its  corresponding  .ref  file.  The 
result  is  a  file  with  the  same  file  name  but  with  a  .doc  extension.  Copy  combines  Filel  .txt  with  Filel  .ref  to  form 
F i lei  .doc,  and  then  copy  combines  File2.txt  with  File2.ref  to  form  File2.doc,  and  so  on.  For  example,  type: 

copy  *.txt  +  *.ref  *.doc 

To  combine  all  files  with  the  .txt  extension,  and  then  combine  all  files  with  the  .ref  extension  into  one  file  named 
Combined.doc,  type: 

copy  *.txt  +  *.ref  Combined.doc 

Additional  references 


Command-Line  Syntax  Key 


cprofile 
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Cprofile  -  Cprofile  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 

Cprofile.exe:  Clean  profile.  This  tool  is  included  in  all  Windows  Server  2003  operating  systems  except  Windows 
Server  2003,  Web  edition.  For  more  information  see  Terminal  Services  Tools  and  Settings. 

# 

# 


cscript 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


starts  a  script  so  that  it  runs  in  a  command-line  environment. 

Syntax 

cscript  <Scriptname.extension>  [/B]  [/D]  [/E:<Engine>]  [{/H : cscript | /H:wscript}]  [/I]  [/Dob : <Identifier>] 
[{/Logo | /NoLogo}]  [/S]  [/T: <Seconds>]  [/X]  [ /U ]  [/?]  [<ScriptArguments  >] 


Parameters 

PARAMETER  DESCRIPTION 

Scriptname.extension  Specifies  the  path  and  file  name  of  the  script  file  with  optional 

file  name  extension. 


/B 

Specifies  batch  mode,  which  does  not  display  alerts,  scripting 
errors,  or  input  prompts. 

/D 

starts  the  debugger. 

E:  Specifies  the  engine  that  is  used  to  run  the  script. 

H:cscript 

registers  cscript.exe  as  the  default  script  host  for  running 
scripts. 

H:wscript 

registers  wscript.exe  as  the  default  script  host  for  running 
scripts.  This  is  the  default. 

/I 

Specifies  interactive  mode,  which  displays  alerts,  scripting 
errors,  and  input  prompts.  This  is  the  default  and  the  opposite 
of/B. 

/Job: 

Runs  the  job  identified  by  Identifier  in  a  .wsf  script  file. 

/Logo 

Specifies  that  the  Windows  Script  Host  banner  is  displayed  in 
the  console  before  the  script  runs.  This  is  the  default  and  the 
opposite  of  /Nologo. 

/Nologo 

Specifies  that  the  Windows  Script  Host  banner  is  not  displayed 
before  the  script  runs. 

/s 

Saves  the  current  command-prompt  options  for  the  current 

user. 

PARAMETER 


DESCRIPTION 


/T: 

Specifies  the  maximum  time  the  script  can  run  (in  seconds). 

You  can  specify  up  to  32,767  seconds.  The  default  is  no  time 
limit. 

/u 

Specifies  Unicode  for  input  and  output  that  is  redirected  from 
the  console. 

/X 

starts  the  script  in  the  debugger. 

/? 

Displays  available  command  parameters  and  provides  help  for 
using  them.  This  is  the  same  as  typing  cscript.exe  with  no 
parameters  and  no  script. 

ScriptArguments 


Specifies  the  arguments  passed  to  the  script.  Each  script 
argument  must  be  preceded  by  a  slash  (/). 


remarks 

•  Performing  this  task  does  not  require  you  to  have  administrative  credentials.  Therefore,  as  a  security  best 
practice,  consider  performing  this  task  as  a  user  without  administrative  credentials. 

•  To  open  a  command  prompt,  on  the  start  screen,  type  cmd,  and  then  click  command  prompt. 

•  Each  parameter  is  optional;  however,  you  cannot  specify  script  arguments  without  specifying  a  script.  If  you  do 
not  specify  a  script  or  any  script  arguments,  cscript.exe  displays  the  cscript.exe  syntax  and  the  valid  host  options. 

•  The  /T  parameter  prevents  excessive  running  of  scripts  by  setting  a  timer.  When  the  run  time  exceeds  the 
specified  value,  cscript  interrupts  the  script  engine  and  ends  the  process. 

•  Windows  script  files  usually  have  one  of  the  following  file  name  extensions:  .wsf,  .vbs,  .js. 

•  You  can  set  properties  for  individual  scripts.  See  Related  Topics  for  more  information. 

•  Windows  Script  Host  can  use  .wsf  script  files.  Each  .wsf  file  can  use  multiple  scripting  engines  and  perform 
multiplejobs. 

•  if  you  double-click  a  script  file  with  an  extension  that  has  no  association,  the  Open  With  dialog  box  appears, 
select  wscript  or  cscript,  and  then  select  Always  use  this  program  to  open  this  file  type.  This  registers 
wscript.exe  or  cscript  as  the  default  script  host  for  files  of  this  file  type. 

•  You  can  set  properties  for  individual  scripts.  See  additional  References  for  more  information. 

•  Windows  Script  Host  can  use  .wsf  script  files.  Each  .wsf  file  can  use  multiple  scripting  engines  and  perform 
multiplejobs.  ##  additional  References 


Command-Line  Syntax  Key 


date 
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Displays  or  sets  the  system  date.  If  used  without  parameters,  date  displays  the  current  system  date  setting  and 
prompts  you  to  enter  a  new  date. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

date  [/t  |  <Month-Day-Year>] 


Parameters 

PARAMETER  DESCRIPTION 


<  Month- Day- Year>  Sets  the  date  specified,  where  Month  is  the  month  (one  or  two 

digits),  Day  is  the  day  (one  or  two  digits),  and  Year  is  the  year 
(two  or  four  digits). 

/t  Displays  the  current  date  without  prompting  you  for  a  new 

date. 

/?  Displays  help  at  the  command  prompt. 


Remarks 

•  To  change  the  current  date,  you  must  have  administrative  credentials. 

•  You  must  separate  values  for  Month,  Day,  and  Year  with  periods  (.),  hyphens  (-),  or  slash  marks  (/). 

•  Valid  Month  values  are  1  through  1 2. 

•  Valid  Day  values  are  1  through  31. 

•  Valid  Year  values  are  either  00  through  99,  or  1 980  through  2099.  If  you  use  two  digits,  the  values  80  through 
99  correspond  to  the  years  1 980  through  1 999. 

Examples 

If  command  extensions  are  enabled,  to  display  the  current  system  date,  type: 

date  /t 

To  change  the  current  system  date  to  August  3,  2007,  you  can  type  any  of  the  following: 

date  08.03.2007 
date  08-03-07 
date  8/3/07 


To  display  the  current  system  date,  followed  by  a  prompt  to  enter  a  new  date,  type: 


The  current  date  is:  Mon  04/02/2007 
Enter  the  new  date:  (mm-dd-yy) 


To  keep  the  current  date  and  return  to  the  command  prompt,  press  ENTER.  To  change  the  current  date,  type  the 
new  date  and  then  press  ENTER. 

Additional  references 

Command-Line  Syntax  Key 


dcgpofix 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Recreates  the  default  Group  Policy  Objects  (GPOs)  for  a  domain.  For  examples  of  how  this  command  can  be  used, 

see  Examples. 

Syntax 

DCGPOFix  [/ignoreschema]  [/target:  {Domain  |  DC  |  Both}]  [/?] 

Parameters 

PARAMETER  DESCRIPTION 

/ignoreschema  Ignores  the  version  of  the  Active  Directory®  schema  me 

when  you  run  this  command.  Otherwise,  the  command  only 
works  on  the  same  schema  version  as  the  Windows  version  in 
which  the  command  was  shipped. 

/target  {Domain  DC 

/?  Displays  Help  at  the  command  prompt. 

Remarks 

•  The  dcgpofix  command  is  available  in  Windows  Server  2008  R2  and  Windows  Server  2008,  except  on  Server 
Core  installations. 

•  Although  the  Group  Policy  Management  Console  (GPMC)  is  distributed  with  Windows  Server  2008  R2  and 
Windows  Server  2008,  you  must  install  Group  Policy  Management  as  a  feature  through  Server  Manager. 

Examples 

Restore  the  Default  Domain  Policy  GPO  to  its  original  state.  You  will  lose  any  changes  that  you  have  made  to  this 
GPO.  As  a  best  practice,  you  should  configure  the  Default  Domain  Policy  GPO  only  to  manage  the  default  Account 
Policies  settings,  Password  Policy,  Account  Lockout  Policy,  and  Kerberos  Policy.  In  this  example,  you  ignore  the 
version  of  the  Active  Directory  schema  so  that  the  dcgpofix  command  is  not  limited  to  same  schema  as  the 
Windows  version  in  which  the  command  was  shipped. 

dcgpofix  /ignoreschema  /target: Domain 

Restore  the  Default  Domain  Controllers  Policy  GPO  to  its  original  state.  You  will  lose  any  changes  that  you  have 
made  to  this  GPO.  As  a  best  practice,  you  should  configure  the  Default  Domain  Controllers  Policy  GPO  only  to  set 
user  rights  and  audit  policies.  In  this  example,  you  ignore  the  version  of  the  Active  Directory  schema  so  that  the 
dcgpofix  command  is  not  limited  to  same  schema  as  the  Windows  version  in  which  the  command  was  shipped. 

dcgpofix  /ignoreschema  /target:DC 


Additional  references 


Group  Policy  TechCenter 
Command-Line  Syntax  Key 


defrag 

3/21/2018  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  10,  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server 
2012  R2,  Windows  Server  2012 


Locates  and  consolidates  fragmented  files  on  local  volumes  to  improve  system  performance.  Membership  in  the 
local  Administrators  group,  or  equivalent,  is  the  minimum  required  to  run  this  command. 


Syntax 


defrag  <volumes> 

1  /c 

/E  <volumes> 

[/H] 

[/M 

In]  | 

[/U] 

[/V]] 

defrag  <volumes> 

1  /c 

/E  <volumes> 

/A 

[/H] 

[/M 

In]  | 

[/U] 

[/V]] 

defrag  <volumes> 

1  /C 

/E  <volumes> 

/X 

[/H] 

[/M 

In]  | 

[/U] 

[/V]] 

defrag  <volume> 

[/<Parameter>]* 

Parameters 


PARAMETER 

DESCRIPTION 

<volume> 

Specifies  the  drive  letter  or  mount  point  path  of  the  volume  to 
be  defragmented  or  analyzed. 

A 

Perform  analysis  on  the  specified  volumes. 

C 

Perform  the  operation  on  all  volumes. 

D 

Perform  traditional  defrag  (this  is  the  default).  On  a  tiered 
volume  though,  traditional  defrag  is  performed  only  on  the 
Capacity  tier. 

E 

Perform  the  operation  on  all  volumes  except  those  specified. 

G 

Optimize  the  storage  tiers  on  the  specified  volumes. 

H 

Run  the  operation  at  normal  priority  (default  is  low). 

1  n 

Tier  optimization  would  run  for  at  most  n  seconds  on  each 
volume. 

K 

Perform  slab  consolidation  on  the  specified  volumes. 

L 

Perform  retrim  on  the  specified  volumes. 

M  [n] 

Run  the  operation  on  each  volume  in  parallel  in  the 
background.  At  most  n  threads  optimize  the  storage  tiers  in 
parallel. 

O 

Perform  the  proper  optimization  for  each  media  type. 

PARAMETER 

DESCRIPTION 

T 

Track  an  operation  already  in  progress  on  the  specified 
volume. 

U 

print  the  progress  of  the  operation  on  the  screen. 

V 

print  verbose  output  containing  the  fragmentation  statistics. 

X 

Perform  free  space  consolidation  on  the  specified  volumes. 

? 

Displays  this  help  information. 

Remarks 

•  You  cannot  defragment  specific  types  of  file  system  volumes  or  drives: 
o  You  cannot  defragment  volumes  that  the  file  system  has  locked. 

o  You  cannot  defragment  volumes  that  the  file  system  has  marked  as  dirty,  which  indicates  possible 

corruption.  You  must  run  chkdsk  on  a  dirty  volume  before  you  can  defragment  it.  You  can  determine  if  a 
volume  is  dirty  by  using  the  fsutil  dirty  query  command.  For  more  information  about  chkdsk  and  fsutil 
dirty,  see  additional  references, 
o  You  cannot  defragment  network  drives, 
o  You  cannot  defragment  cdROMs. 

o  You  cannot  defragment  file  system  volumes  that  are  not  NTFS,  ReFS,  Fat  or  Fat32. 

•  With  Windows  Server  2008  R2  ,  Windows  Server  2008  ,  and,  Windows  Vista,  you  can  schedule  to  defragment 
a  volume.  However,  you  cannot  schedule  to  defragment  a  Solid  State  Drive  (SSD)  or  a  volume  on  a  Virtual  Hard 
Disk  (VHD)  that  resides  on  an  SSD. 

•  To  perform  this  procedure,  you  must  be  a  member  of  the  Administrators  group  on  the  local  computer,  or  you 
must  have  been  delegated  the  appropriate  authority.  If  the  computer  is  joined  to  a  domain,  members  of  the 
Domain  Admins  group  might  be  able  to  perform  this  procedure.  As  a  security  best  practice,  consider  using  Run 
As  to  perform  this  procedure. 

•  A  volume  must  have  at  least  1 5%  free  space  for  defrag  to  completely  and  adequately  defragment  it.  defrag 
uses  this  space  as  a  sorting  area  for  file  fragments.  If  a  volume  has  less  than  1 5%  free  space,  defrag  will  only 
partially  defragment  it.  To  increase  the  free  space  on  a  volume,  delete  unneeded  files  or  move  them  to  another 
disk. 

•  While  defrag  is  analyzing  and  defragmenting  a  volume,  it  displays  a  blinking  cursor.  When  defrag  is  finished 
analyzing  and  defragmenting  the  volume,  it  displays  the  analysis  report,  the  defragmentation  report,  or  both 
reports,  and  then  exits  to  the  command  prompt. 

•  By  default,  defrag  displays  a  summary  of  both  the  analysis  and  defragmentation  reports  if  you  do  not  specify 
the  /a  or  /v  parameters. 

•  You  can  send  the  reports  to  a  text  file  by  typing  >FileName.txt,  where  FileName.txt  is  a  file  name  you  specify. 

For  example:  defrag  volume  /v  >  FileName.txt 

•  To  interrupt  the  defragmentation  process,  at  the  command  line,  press  CTRL+C. 

•  Running  the  defrag  command  and  Disk  defragmenter  are  mutually  exclusive.  If  you  are  using  Disk 
defragmenter  to  defragment  a  volume  and  you  run  the  defrag  command  at  a  command-line,  the  defrag 
command  fails.  Conversely,  if  you  run  the  defrag  command  and  open  Disk  defragmenter,  the  defragmentation 
options  in  Disk  defragmenter  are  unavailable. 


Examples 


To  defragment  the  volume  on  drive  C  while  providing  progress  and  verbose  output,  type: 


defrag  C:  /U  /V 

To  defragment  the  volumes  on  drives  C  and  D  in  parallel  in  the  background,  type: 

defrag  C:  D:  /M 

To  perform  a  fragmentation  analysis  of  a  volume  mounted  on  drive  C  and  provide  progress,  type: 
defrag  C:  mountpoint  /A  /U 

To  defragment  all  volumes  with  normal  priority  and  provide  verbose  output,  type: 

defrag  /C  /H  /V 


Scheduled  task 

Defrag's  scheduled  task  runs  as  a  maintenance  task  and  is  usually  scheduled  to  run  every  week.  Administrator  can 
change  the  frequency  using  Optimize  Drives  application. 

•  When  run  from  the  scheduled  task,  defrag  has  below  policy  for  SSDs: 

o  Traditional  defrag  (i.e.  moving  files  to  make  them  reasonably  contiguous)  and  retrim  is  run  only  once 
every  month. 

o  If  both  traditional  defrag  and  retrim  are  skipped,  analysis  is  not  run. 

o  If  user  ran  traditional  defrag  manually  on  an  SSD,  say  3  weeks  after  the  last  scheduled  task  run, 
then  the  next  scheduled  task  run  will  perform  analysis  and  retrim  but  skip  traditional  defrag  on 
that  SSD. 

o  If  analysis  is  skipped,  the  Last  run  time  in  Optimize  Drives  will  not  be  updated.  So  for  SSDs  the  Last 
run  time  in  Optimize  Drives  can  be  a  month  old. 

•  This  maintenance  task  might  not  defrag  all  the  volumes,  at  times  because  this  task  does  the  following: 
o  Doesn't  wake  the  computer  in  order  to  run  defrag 

o  Starts  only  if  the  computer  is  on  AC  power,  and  stops  if  the  computer  switches  to  battery  power 
o  Stops  if  the  computer  ceases  to  be  idle 

Additional  references 

•  chkdsk 

•  fsutil 

•  fsutil  dirty 

•  Command-Line  Syntax  Key 


del 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Deletes  one  or  more  files.  This  command  is  the  same  as  the  erase  command. 
For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 

del  [/p]  [/f]  [ /s ]  [ /q ]  [/a[ : ]<Attnibutes>]  <Names> 
erase  [/p]  [/f]  [/s]  [/q]  [/a[ : ]<Attributes>]  <Names> 


Parameters 

PARAMETER  DESCRIPTION 


<  Names  > 

Specifies  a  list  of  one  or  more  files  or  directories.  Wildcards 
may  be  used  to  delete  multiple  files.  If  a  directory  is  specified, 
all  files  within  the  directory  will  be  deleted. 

/P 

Prompts  for  confirmation  before  deleting  the  specified  file. 

/f 

Forces  deletion  of  read-only  files. 

/s 

Deletes  specified  files  from  the  current  directory  and  all 
subdirectories.  Displays  the  names  of  the  files  as  they  are 
being  deleted. 

/q 

Specifies  quiet  mode.  You  are  not  prompted  for  delete 
confirmation. 

/a[:]<Attributes> 

Deletes  files  based  on  the  following  file  attributes: 
r  Read-only  files 
h  Flidden  files 

i  Not  content  indexed  files 
s  System  files 
a  Files  ready  for  archiving 

1  Reparse  points 
-  Prefix  meaning  'not' 

n 

Displays  help  at  the  command  prompt. 

Remarks 

Caution 

If  you  use  del  to  delete  a  file  from  your  disk,  you  cannot  retrieve  it. 

•  If  you  use  /p,  del  displays  the  name  of  a  file  and  sends  the  following  message: 


'FileName,  Delete  (Y/N)?' 

To  confirm  the  deletion.,  press  Y.  To  cancel  the  deletion  and  display  the  next  file  name  (that  is,  if  you 
specified  a  group  of  files),  press  N.  To  stop  the  **del**  command,  press  CTRL+C. 

•  If  you  disable  command  extensions,  /s  displays  the  names  of  any  files  that  were  not  found  instead  of  displaying 
the  names  of  files  that  are  being  deleted  (that  is,  the  behavior  is  reversed). 

•  If  you  specify  a  folder  in  Names,  all  of  the  files  in  the  folder  are  deleted.  For  example,  the  following  command 
deletes  all  of  the  files  in  the  \Work  folder: 

del  \work 

•  You  can  use  wildcards  (*  and  ?)  to  delete  more  than  one  file  at  a  time.  However,  to  avoid  deleting  files 
unintentionally,  you  should  use  wildcards  cautiously  with  the  del  command.  For  example,  if  you  type  the 
following  command: 

del  *.* 

The  del  command  displays  the  following  prompt: 

Are  you  sure  (Y/N)? 

To  delete  all  of  the  files  in  the  current  directory,  press  Y  and  then  press  ENTER.  To  cancel  the  deletion,  press 
N  and  then  press  ENTER. 


NOTE 

Before  you  use  wildcard  characters  with  the  del  command,  use  the  same  wildcard  characters  with  the  dir  command  to  list  all 
the  files  that  will  be  deleted. 

•  The  del  command,  with  different  parameters,  is  available  from  the  Recovery  Console. 


Examples 

To  delete  all  the  files  in  a  folder  named  Test  on  drive  C,  type  either  of  the  following: 

del  c:\test 
del  c:\test\*.* 

To  delete  all  files  with  the  .bat  file  name  extension  from  the  current  directory,  type: 

del  *.bak 

To  delete  all  read-only  files  in  the  current  directory,  type: 

del  /a:r  *.* 

Additional  references 

Command-Line  Syntax  Key 


dfsrmig 

1 0/24/2017  •  8  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

The  dfsrmig  command  migrates  SYSvol  replication  from  File  Replication  Service  (FRS)  to  Distributed  File  System 
(DFS)  Replication,  provides  information  about  the  progress  of  the  migration,  and  modifies  active  directory  Domain 
Services  (AD  DS)  objects  to  support  the  migration,  for  examples  of  how  to  use  this  command,  see  the  Examples 
section  later  in  this  document. 

Syntax 

dfsrmig  [/SetGlobalState  <state>  |  /GetGlobalState  |  /GetMigrationState  |  /createGlobalObjects  | 
/deleteRoNtfrsMember  [<read_only_domain_controller_name>]  |  /deleteRoDfsrMember 
[<read_only_domain_controller_name>]  |  /?] 

Parameters 


PARAMETER 

DESCRIPTION 

/SetGlobalState 

Sets  the  desired  global  migration  state  for  the  domain  to  the 
state  that  corresponds  to  the  value  specified  by  state. 

To  proceed  through  the  migration  or  the  rollback  processes, 
use  this  command  to  cycle  through  the  valid  states.  This 
option  enables  you  to  initiate  and  control  the  migration 
process  by  setting  the  global  migration  state  in  AD  DS  on  the 
PDC  emulator.  If  the  PDC  emulator  is  not  available,  this 
command  fails. 

You  can  only  set  the  global  migration  state  to  a  stable  state. 
The  valid  values  for  state,  therefore,  are  0  for  the  start  state,  1 
for  the  Prepared  state,  2  for  the  Redirected  state,  and  3  for  the 
Eliminated  state. 

Migration  to  the  Eliminated  state  is  irreversible  and  rollback 
from  that  state  is  not  possible,  so  use  a  value  of  3  for  state 
only  when  you  are  fully  committd  to  using  DFS  Replication  for 
SYSvol  replication. 

PARAMETER 


DESCRIPTION 


/GetGlobalState  Retrieves  the  current  global  migration  state  for  the  domain 

from  the  local  copy  of  the  AD  DS  database,  when  run  on  the 
PDC  emulator. 

Use  this  option  to  confirm  that  you  set  the  correct  global 
migration  state.  Only  stable  migration  states  can  be  global 
migration  states,  so  the  results  that  the  dfsrmig  command 
reports  with  the  /GetGlobalState  option  correspond  to  the 
states  you  can  set  with  the  /SetGlobalState  option. 

You  should  run  the  dfsrmig  command  with  the 
/GetGlobalState  option  only  on  the  PDC  emulator,  active 
directory  replication  replicates  the  global  state  to  the  other 
domain  controllers  in  the  domain,  but  replication  latencies  can 
cause  inconsistencies  if  you  run  the  dfsrmig  command  with 
the  /GetGlobalState  option  on  a  domain  controller  other 
than  the  PDC  emulator.  To  check  the  local  migration  status  of 
a  domain  controller  other  than  the  PDC  emulator,  use  the 
/GetMigrationState  option  instead. 


/GetMigrationState  Retrieves  the  current  local  migration  state  for  all  domain 

controllers  in  the  domain,  and  determines  whether  those  local 
states  match  the  current  global  migration  state. 

Use  this  option  to  determine  if  all  domain  controllers  have 
reached  the  global  migration  state.  The  output  of  the  dsfrmig 
command  when  you  use  the  /GetMigrationState  option 
indicates  whether  or  not  migration  to  the  current  global  state 
is  complete,  and  it  lists  the  local  migration  state  for  any 
domain  controllers  that  have  not  reached  the  current  global 
migration  state.  Local  migration  state  for  domain  controllers 
can  include  transition  states  for  domain  controllers  that  have 
not  reached  the  current  global  migration  state. 


PARAMETER 


DESCRIPTION 


/createGlobalObjects 


/deleteRoNtfrsMember 
[<  read_only_domain_controller_ 


creates  the  global  objects  and  settings  in  AD  DS  that  DFS 
Replication  uses. 

You  should  not  need  to  use  this  option  during  a  normal 
migration  process,  because  the  DFS  Replication  service 
automatically  creates  these  AD  DS  objects  and  settings  during 
the  migration  from  the  start  state  to  the  Prepared  state.  Use 
this  option  to  manually  create  these  objects  and  settings  in 
the  following  situations: 

-  A  new  read-only  domain  controller  is  promoted  during 
migration.  The  DFS  Replication  service  automatically  creates 
the  AD  DS  objects  and  settings  for  DFS  Replication  during  the 
migration  from  the  start  state  to  the  Prepared  state.  If  a  new 
read-only  domain  controller  is  promoted  in  the  domain  after 
this  transition,  but  before  migration  to  the  Eliminated  state, 
then  the  objects  that  correspond  to  the  newly  activated  read¬ 
only  domain  controller  are  not  created  in  AD  DS  causing 
replication  and  migration  to  fail. 

-  In  this  case,  you  can  run  the  dfsrmig  command  wth  the 
/createGlobalObjects  option  to  manually  create  the  objects 
on  any  read-only  domain  controllers  that  do  not  already  have 
them.  Running  this  command  does  not  affect  the  domain 
controllers  that  already  have  the  objects  and  settings  for  the 
DFS  Replication  service. 

-  The  global  settings  for  the  DFS  Replication  service  are 
missing  or  were  deleted.  If  these  settings  are  missing  for  a 
particular  domain  controller,  migration  from  the  start  state  to 
the  Prepared  state  stalls  at  the  Preparing  transition  state  for 
the  domain  controller.  In  this  case,  you  can  use  the  dfsrmig 
command  with  the  /createGlobalObjects  option  to  manually 
create  the  settings.  Note:  Because  the  global  AD  DS  settings 
for  the  DFS  Replication  service  for  a  read-only  domain 
controller  are  created  on  the  PDC  emulator,  these  settings 
need  to  replicate  to  the  read-only  domain  controller  from  the 
PDC  emulator  before  the  DFS  Replication  service  on  the  read¬ 
only  domain  controller  can  use  these  settings.  Because  of 
active  irectory  replication  latencies,  this  replication  can  take 
some  time  to  occur. 


deletes  the  global  AD  DS  settings  for  FRS  replication  that 
name>]  correspond  to  the  specified  read-only  domain  controller,  or 

deletes  the  global  AD  DS  settings  for  FRS  replication  for  all 
read-only  domain  controllers  if  no  value  is  specified  for 
read_only_domain_controUer_name. 

You  should  not  need  to  use  this  option  during  a  normal 
migration  process,  because  the  DFS  Replication  service 
automatically  deletes  these  AD  DS  settings  during  the 
migration  from  the  Redirected  state  to  the  Eliminated  state. 
Because  read-only  domain  controllers  cannot  delete  these 
settings  from  AD  DS,  the  PDC  emulator  performs  this 
operation,  and  the  changes  eventually  replicate  to  the  read¬ 
only  domain  controllers  after  the  applicable  latencies  for  active 
directory  replication. 

You  use  this  option  to  manually  delete  the  AD  DS  settings 
only  when  the  automatic  deletion  fails  on  a  read-only  domain 
controller  and  stalls  the  read-only  domain  controller  for  a  long 
ime  during  the  migration  from  the  Redirected  state  to  the 
Eliminated  state. 


PARAMETER 


DESCRIPTION 


/deleteRoDfsrMember  [<read_only_domain_controller_name>]  deletes  the  global  AD  DS  settings  for  DFS  Replication  that 

correspond  to  the  specified  read-only  domain  controller,  or 
deletes  the  global  AD  DS  settings  for  DFS  Replication  for  all 
read-only  domain  controllers  if  no  value  is  specified  for 
read_only_domain_controller_name. 

Use  this  option  to  manually  delete  the  AD  DS  settings  only 
when  the  automatic  deletion  fails  on  a  read-only  domain 
controller  and  stalls  the  read-only  domain  controller  for  a  long 
time  when  rolling  back  the  migration  from  the  Prepared  state 
to  the  start  state. 


/? 


Displays  help  at  the  command  prompt.  Equivalent  to  running 
dfsrmig  without  any  options. 


remarks 

•  dfsrmig.exe,  the  migration  tool  for  the  DFS  Replication  service,  is  installed  with  the  DFS  Replication  service,  for 
a  new  Windows  Server  2008  server,  Dcpromo.exe  installs  and  starts  the  DFS  Replication  service  when  you 
promote  the  computer  to  a  domain  controller.  When  you  upgrade  a  server  from  Windows  Server  2003  to 
Windows  Server  2008  ,  the  upgrade  process  installs  and  starts  the  DFS  Replication  service.  You  do  not  need  to 
install  the  DFS  Replication  role  service  to  have  the  DFS  Replication  service  installed  and  started. 

•  The  dfsrmig  tool  is  supported  only  on  domain  controllers  that  run  at  the  Windows  Server  2008  domain 
functional  level,  because  SYSvol  migration  from  FRS  to  DFS  Replication  is  only  possible  on  domain  controllers 
that  operate  at  the  Windows  Server  2008  domain  functional  level. 

•  You  can  run  the  dfsrmig  command  on  any  domain  controller,  but  operations  that  create  or  manipulate  AD  DS 
objects  are  only  allowed  on  read-write  capable  domain  controllers  (not  on  read-only  domain  controllers). 

•  Running  dfsrmig  without  any  options  displays  help  at  the  command  prompt.  ##  Examples  To  set  the  global 
migration  state  to  prepared  (1)  and  initiate  migration  to  or  rollback  from  the  Prepared  state,  type: 

dfsrmig  /setGiobaistate  i  To  set  the  global  migration  state  to  start  (0)  and  initiate  rollback  to  the  start  state, 
type:  dfsrmig  /setGiobaistate  0  To  display  the  global  migration  state,  type:  dfsrmig  /GetGiobaistate  This 

/GetGlobalState  command. 

To  display  the  information  about  whether  the  local  migration 
global  migration  state  and  the  local  migration  states  for  any 
domain  controllers  where  the  local  state  does  not  match  the  global  state,  type:  dfsrmig  /GetMigrationstate  This 
example  shows  typical  output  from  the  dfsrmig  /GetMigrationState  command  when  the  local  migration 
states  on  all  of  the  domain  controllers  match  the  global  migration  state. 

All  Domain  Controllers  have  migrated  successfully  to  Global  state  (  Prepared  ).  Migration  has  reached  a 
consistent  state  on  all  Domain  Controllers.  Succeeded. 

This  example  shows  typical  output  from  the  dfsrmig  /GetMigrationstate  command  when  the  local  migration 
states  on  some  domain  controllers  do  not  match  the  global  migration  state.  The  following  Domain 
Controllers  are  not  in  sync  with  Global  state  (  Prepared  ): 

Domain  Controller  (Local  Migration  State)  DC  type 

CONTOSO-DC2  (  start )  Readonly  DC  CONTOSO-DC3  (  Preparing  )  Writable  DC  Migration  has  not  yet  reached 
a  consistent  state  on  all  domain  controllers  State  information  might  be  stale  due  to  AD  latency. 

To  create  the  global  objects  and  settings  that  DFS  Replication  uses  in  AD  DS  on  domain  controllers  where  those 
settings  were  not  created  automatically  during  migration  or  where  those  settings  are  missing,  type: 


example  shows  typical  output  from  the  dfsrmig 
Current  DFSR  global  state:  Prepared  Succeeded, 
states  on  all  of  the  domain  controllers  match  the 


dfsrmig  /createGlobalObjects 


To  delete  the  global  AD  DS  settings  for  FRS  replication  for  a  read-only  domain  controller  named  contoso-dc2  if 
those  settings  were  not  deleted  automatically  deleted  by  the  migration  process,  type: 


dfsrmig  /deleteRoNtfrsMember  contoso-dc2 

To  delete  the  global  AD  DS  settings  for  FRS  replication  for  all  read-only  domain  controllers  if  those  settings 
were  not  deleted  automatically  by  the  migration  process,  type: 


dfsrmig  /deleteRoNtfrsMember 

To  delete  the  global  AD  DS  settings  for  DFS  Replication  for  a  read-only  domain  controller  named  contoso-dc2  if 
those  settings  were  not  deleted  automatically  by  the  migration  process,  type: 


dfsrmig  /deleteRoDfsrMember  contoso-dc2 

To  delete  the  global  AD  DS  settings  for  DFS  Replication  for  all  read-only  domain  controllers  if  those  settings 
were  not  deleted  automatically  by  the  migration  process,  type: 


dfsrmig  /deleteRoDfsrMember 

##  additional  references 

[Command -Line  Syntax  Key] (https : //go. microsoft .com/fwlink/?LinkId=122056) 

[SYSvol  Migration  Series:  Part  2  dfsrmig.exe:  The  SYSvol  Migration  Tool] (https ://go. microsoft . com/fwlink/? 
LinkID=121757) 


diantz 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


This  command  is  the  same  as  the  makecab  command.  See  makecab  for  syntax  and  parameters. 

additional  references 

•  Command-Line  Syntax  Key 


dir 
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Displays  a  list  of  a  directory's  files  and  subdirectories.  If  used  without  parameters,  dir  displays  the  disk's  volume 
label  and  serial  number,  followed  by  a  list  of  directories  and  files  on  the  disk  (including  their  names  and  the  date 
and  time  each  was  last  modified).  For  files,  dir  displays  the  name  extension  and  the  size  in  bytes.  Dir  also  displays 
the  total  number  of  files  and  directories  listed,  their  cumulative  size,  and  the  free  space  (in  bytes)  remaining  on  the 
disk. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

dir  [<Drive>: ] [<Path>] [<FileName>]  [...]  [/p]  [/q]  [/w]  [ /d ]  [/a[ [ : ]<Attributes>] ] [/o[ [ : ]<SortOrder>] ]  [ /t [ [ :  ] 
<TimeField>] ]  [/s ]  [/b]  [/l]  [/n ]  [/x]  [/c]  [/4] 


Parameters 

PARAMETER  DESCRIPTION 


[<  Drive> :][] 

Specifies  the  drive  and  directory  for  which  you  want  to  see  a 
listing. 

[<FileName>] 

Specifies  a  particular  file  or  group  of  files  for  which  you  want 
to  see  a  listing. 

/P 

Displays  one  screen  of  the  listing  at  a  time.  To  see  the  next 
screen,  press  any  key  on  the  keyboard. 

/q 

Displays  file  ownership  information. 

/w 

Displays  the  listing  in  wide  format,  with  as  many  as  five  file 
names  or  directory  names  on  each  line. 

/d 

Displays  the  listing  in  the  same  format  as  /w,  but  the  files  are 
sorted  by  column. 

PARAMETER 


DESCRIPTION 


/a[[:]<Attributes>]  Displays  only  the  names  of  those  directories  and  files  with  the 

attributes  that  you  specify.  If  you  omit  /a,  dir  displays  the 
names  of  all  files  except  hidden  and  system  files.  If  you  use  /a 
without  specifying  Attributes,  dir  displays  the  names  of  all 
files,  including  hidden  and  system  files. 

The  following  list  describes  each  of  the  values  that  you  can  use 
for  Attributes.  Using  a  colon  (:)  is  optional.  Use  any 
combination  of  these  values,  and  do  not  separate  the  values 
with  spaces, 
d  Directories 
h  Hidden  files 
s  System  files 
I  Reparse  points 
r  Read-only  files 
a  Files  ready  for  archiving 
i  Not  content  indexed  files 
-  Prefix  meaning  "not" 


/o[[:]<SortOrder>]  Sorts  the  output  according  to  SortOrder,  which  can  be  any 

combination  of  the  following  values: 
n  By  name  (alphabetical) 
e  By  extension  (alphabetical) 
g  Group  directories  first 
s  By  size  (smallest  first) 
d  By  date/time  (oldest  first) 

-  Prefix  to  reverse  order 

Note:  Using  a  colon  is  optional.  Multiple  values  are  processed 
in  the  order  in  which  you  list  them.  Do  not  separate  multiple 
values  with  spaces. 

If  SortOrder  is  not  specified,  dir  /o  lists  the  directories  in 
alphabetic  order,  followed  by  the  files,  which  are  also  sorted  in 
alphabetic  order. 


/t[[:]<TimeField>] 

Specifies  which  time  field  to  display  or  use  for  sorting.  The 
following  list  describes  each  of  the  values  you  can  use  for 
TimeField: 

c  Creation 

a  Last  access 

w  Last  written 

/s 

Lists  every  occurrence  of  the  specified  file  name  within  the 
specified  directory  and  all  subdirectories. 

/b 

Displays  a  bare  list  of  directories  and  files,  with  no  additional 
information,  /b  overrides  /w. 

/I 

Displays  unsorted  directory  names  and  file  names  in 
lowercase. 

/n 

Displays  a  long  list  format  with  file  names  on  the  far  right  of 
the  screen. 

/x 

Displays  the  short  names  generated  for  non-8dot3  file  names. 
The  display  is  the  same  as  the  display  for  /n,  but  the  short 
name  is  inserted  before  the  long  name. 

/c 

Displays  the  thousand  separator  in  file  sizes.  This  is  the  default 
behavior.  Use  /-c  to  hide  separators. 

PARAMETER 


DESCRIPTION 


/4  Displays  years  in  four-digit  format. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  To  use  multiple  FileName  parameters,  separate  each  file  name  with  a  space,  comma,  or  semicolon. 

•  You  can  use  wildcard  characters  (*  or?),  to  represent  one  or  more  characters  of  a  file  name  and  to  display  a 
subset  of  files  or  subdirectories. 

Asterisk  (*):  Use  the  asterisk  as  a  substitute  for  any  string  of  characters,  for  example: 

o  dir  *.txt  lists  all  files  in  the  current  directory  with  extensions  that  begin  with  .txt,  such  as  .txt,  .txtl,  ,txt_old. 
o  dir  read*.txt  lists  all  files  in  the  current  directory  that  begin  with  "read"  and  with  extensions  that  begin 
with  .txt,  such  as  .txt,  .txtl,  or  ,txt_old. 

o  dir  read*.\*  lists  all  files  in  the  current  directory  that  begin  with  "read"  with  any  extension. 

The  asterisk  wildcard  always  uses  short  file  name  mapping,  so  you  might  get  unexpected  results.  For 
example,  the  following  directory  contains  two  files  (t.txt2  and  t97.txt): 


C:\test>dir  /x 

Volume  in  drive  C  has  no  label. 
Volume  Serial  Number  is  B86A-EF32 


Directory  of  C:\test 


11/30/2004 

11/30/2004 

11/30/2004 

11/30/2004 


01:40  PM  <DIR>  . 

01:40  PM  <DIR>  . . 

11:05  AM  0  T97B4~1.TXT  t.txt2 
01:16  PM  0  t97.txt 


You  might  expect  that  typing  dir  t97\*  would  return  the  file  t97.txt.  However,  typing  dir  t97\*  returns  both 
files,  because  the  asterisk  wildcard  matches  the  file  t.txt2  to  t97.txt  by  using  its  short  name  map 
T97B4~1.TXT.  Similarly,  typing  del  t97\*  would  delete  both  files. 

Question  mark  (?):  Use  the  question  mark  as  a  substitute  for  a  single  character  in  a  name.  For  example, 
typing  dir  read???.txt  lists  any  files  in  the  current  directory  with  the  .txt  extension  that  begin  with  "read"  and 
are  followed  by  up  to  three  characters.  This  includes  Read.txt,  Readl  .txt,  Readl  2.txt,  Readl  23.txt,  and 
Readme1.txt,  but  not  Readme12.txt. 

•  Specifying  file  display  attributes 

If  you  use  /a  with  more  than  one  value  in  Attributes,  dir  displays  the  names  of  only  those  files  with  all  the 
specified  attributes.  For  example,  if  you  use /a  with  rand  -h  as  attributes  (by  using  either /a:r-h  or/ar-h), 
dir  will  only  display  the  names  of  the  read-only  files  that  are  not  hidden. 

•  Specifying  file  name  sorting 

If  you  specify  more  than  one  SortOrder  value,  dir  sorts  the  file  names  by  the  first  criterion,  then  by  the 
second  criterion,  and  so  on.  For  example,  if  you  use  /o  with  the  e  and  -s  values  for  SortOrder  (by  using 
either  /o:e-s  or  /oe-s),  dir  sorts  the  names  of  directories  and  files  by  extension,  with  the  largest  first,  and 
then  displays  the  final  result.  The  alphabetic  sorting  by  extension  causes  file  names  with  no  extensions  to 
appear  first,  then  directory  names,  and  then  file  names  with  extensions. 

•  Using  redirection  symbols  and  pipes 


When  you  use  the  redirection  symbol  (>)  to  send  dir  output  to  a  file  or  a  pipe  (|)  to  send  dir  output  to 
another  command,  use  /a:-d  and  /b  to  list  the  file  names  only.  You  can  use  FileName  with  /b  and  /s  to 
specify  that  dir  is  to  search  the  current  directory  and  its  subdirectories  for  all  file  names  that  match 
FileName.  Dir  lists  only  the  drive  letter,  directory  name,  file  name,  and  file  name  extension  (one  path  per 
line),  for  each  file  name  it  finds.  Before  you  use  a  pipe  to  send  dir  output  to  another  command,  you  should 
set  the  TEMP  environment  variable  in  your  Autoexec.nt  file. 

•  The  dir  command,  with  different  parameters,  is  available  from  the  Recovery  Console. 

Examples 

To  display  all  directories  one  after  the  other,  in  alphabetical  order,  in  wide  format,  and  pausing  after  each  screen, 
make  sure  that  the  root  directory  is  the  current  directory,  and  then  type: 

dir  /s/w/o/p 

Dir  lists  the  root  directory,  the  subdirectories,  and  the  files  in  the  root  directory,  including  extensions.  Then,  dir  lists 
the  subdirectory  names  and  file  names  in  each  subdirectory  in  the  tree. 

To  alter  the  preceding  example  so  that  dir  displays  the  file  names  and  extensions,  but  omits  the  directory  names, 
type: 

dir  /s/w/o/p/a: -d 

To  print  a  directory  listing,  type: 

dir  >  prn 

When  you  specify  prn,  the  directory  list  is  sent  to  the  printer  that  is  attached  to  the  LPT1  port.  If  your  printer  is 
attached  to  a  different  port,  you  must  replace  prn  with  the  name  of  the  correct  port. 

You  can  also  redirect  output  of  the  dir  command  to  a  file  by  replacing  prn  with  a  file  name.  You  can  also  type  a 
path.  For  example,  to  direct  dir  output  to  the  file  dir.doc  in  the  Records  directory,  type: 

dir  >  \records\dir.doc 

If  dir.doc  does  not  exist,  dir  creates  it,  unless  the  Records  directory  does  not  exist.  In  that  case,  the  following 
message  appears: 

File  creation  error 

To  display  a  list  of  all  the  file  names  with  the  .txt  extension  in  all  directories  on  drive  C,  type: 

dir  c:\*.txt  /w/o/s/p 

Dir  displays,  in  wide  format,  an  alphabetized  list  of  the  matching  file  names  in  each  directory,  and  it  pauses  each 
time  the  screen  fills  until  you  press  any  key  to  continue. 

Additional  references 


Command-Line  Syntax  Key 


diskcomp 
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Compares  the  contents  of  two  floppy  disks.  If  used  without  parameters,  diskcomp  uses  the  current  drive  to 
compare  both  disks. For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

diskcomp  [<Drivel>:  [<Drive2> : ] ] 


Parameters 


PARAMETER 

DESCRIPTION 

<  Drivel  > 

Specifies  the  drive  containing  one  of  the  floppy  disks. 

<Drive2> 

Specifies  the  drive  containing  the  other  floppy  disk. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Using  disks 

The  diskcomp  command  works  only  with  floppy  disks.  You  cannot  use  diskcomp  with  a  hard  disk.  If  you 
specify  a  hard  disk  drive  for  Drivel  or  Drive2,  diskcomp  displays  the  following  error  message: 

Invalid  drive  specification 
Specified  drive  does  not  exist 
or  is  nonremovable 


•  Comparing  disks 

If  all  tracks  on  the  two  disks  being  compared  are  the  same,  diskcomp  displays  the  following  message: 

Compare  OK 


If  the  tracks  are  not  the  same,  diskcomp  displays  a  message  similar  to  the  following: 

Compare  error  on 
side  1,  track  2 


When  diskcomp  completes  the  comparison,  it  displays  the  following  message: 
Compare  another  diskette  (Y/N)? 


If  you  press  Y,  diskcomp  prompts  you  to  insert  the  disk  for  the  next  comparison.  If  you  press  N,  diskcomp 


stops  the  comparison. 

When  diskcomp  makes  the  comparison,  it  ignores  a  disk's  volume  number. 

Omitting  drive  parameters 

If  you  omit  the  Drive2  parameter,  diskcomp  uses  the  current  drive  for  Drive2.  If  you  omit  both  drive 
parameters,  diskcomp  uses  the  current  drive  for  both.  If  the  current  drive  is  the  same  as  Drivel,  diskcomp 
prompts  you  to  swap  disks  as  necessary. 

Using  one  drive 

If  you  specify  the  same  floppy  disk  drive  for  Drivel  and  Drive2,  diskcomp  compares  them  by  using  one 
drive  and  prompts  you  to  insert  the  disks  as  necessary.  You  might  have  to  swap  the  disks  more  than  once, 
depending  on  the  capacity  of  the  disks  and  the  amount  of  available  memory. 

Comparing  different  types  of  disks 

Diskcomp  cannot  compare  a  single-sided  disk  with  a  double-sided  disk,  nor  a  high-density  disk  with  a 
double-density  disk.  If  the  disk  in  Drivel  is  not  of  the  same  type  as  the  disk  in  Drive2,  diskcomp  displays 
the  following  message: 

Drive  types  or  diskette  types  not  compatible 

Using  diskcomp  with  networks  and  redirected  drives 

Diskcomp  does  not  work  on  a  network  drive  or  on  a  drive  created  by  the  subst  command.  If  you  attempt  to 
use  diskcomp  with  a  drive  of  any  of  these  types,  diskcomp  displays  the  following  error  message: 

Invalid  drive  specification 

Comparing  an  original  disk  with  a  copy 

When  you  use  diskcomp  with  a  disk  that  you  made  by  using  copy,  diskcomp  might  display  a  message 
similar  to  the  following: 

Compare  error  on 
side  0j  track  0 

This  type  of  error  can  occur  even  if  the  files  on  the  disks  are  identical.  Although  copy  duplicates  information, 
it  does  not  necessarily  place  it  in  the  same  location  on  the  destination  disk. 

Understanding  diskcomp  exit  codes 

The  following  table  explains  each  exit  code. 


EXIT  CODE 

DESCRIPTION 

0 

Disks  are  the  same 

1 

Differences  were  found 

3 

Hard  error  occurred 

4 


Initialization  error  occurred 


To  process  exit  codes  that  are  returned  by  diskcomp,  you  can  use  the  ERRORLEVEL  environment  variable 
on  the  if  command  line  in  a  batch  program. 

Examples 

If  your  computer  has  only  one  floppy  disk  drive  (for  example,  drive  A),  and  you  want  to  compare  two  disks,  type: 

diskcomp  a:  a: 


Diskcomp  prompts  you  to  insert  each  disk,  as  needed. 

The  following  example  illustrates  how  to  process  a  diskcomp  exit  code  in  a  batch  program  that  uses  the 
ERRORLEVEL  environment  variable  on  the  if  command  line: 


rem  Checkout.bat  compares  the  disks  in  drive  A  and  B 
echo  off 
diskcomp  a:  b: 

if  errorlevel  4  goto  ini_error 
if  errorlevel  3  goto  hard_error 
if  errorlevel  1  goto  no_compare 
if  errorlevel  0  goto  compare_ok 
: ini_error 

echo  ERROR:  Insufficient  memory  or  command  invalid 
goto  exit 
: hard_error 

echo  ERROR:  An  irrecoverable  error  occurred 
goto  exit 
: break 

echo  "You  just  pressed  CTRL+C"  to  stop  the  comparison 
goto  exit 
: no_compare 

echo  Disks  are  not  the  same 
goto  exit 
: compare_ok 

echo  The  comparison  was  successful;  the  disks  are  the  same 
goto  exit 
:  exit 

Additional  references 

Command-Line  Syntax  Key 


diskcopy 
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Copies  the  contents  of  the  floppy  disk  in  the  source  drive  to  a  formatted  or  unformatted  floppy  disk  in  the 
destination  drive.  If  used  without  parameters,  diskcopy  uses  the  current  drive  for  the  source  disk  and  the 
destination  disk. 

For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


diskcopy  [<Drivel>:  [<Drive2>:]]  [/v] 

Parameters 

PARAMETER 

DESCRIPTION 

<  Drivel  > 

Specifies  the  drive  that  contains  the  source  disk. 

<Drive2> 

Specifies  the  drive  that  contains  the  destination  disk. 

/v 

Verifies  that  the  information  is  copied  correctly.  This  option 
slows  down  the  copying  process. 

P 

Displays  help  at  the  command  prompt. 

Remarks 

•  Using  disks 

Diskcopy  works  only  with  removable  disks  such  as  floppy  disks,  which  must  be  the  same  type.  You  cannot 
use  diskcopy  with  a  hard  disk.  If  you  specify  a  hard  disk  drive  for  Drive  1  or  Drive2,  diskcopy  displays  the 
following  error  message: 

Invalid  drive  specification 

Specified  drive  does  not  exist  or  is  nonremovable 

The  diskcopy  command  prompts  you  to  insert  the  source  and  destination  disks  and  waits  for  you  to  press 
any  key  on  the  keyboard  before  continuing. 

After  it  copies  the  disk,  diskcopy  displays  the  following  message: 

Copy  another  diskette  (Y/N)? 

If  you  press  Y,  diskcopy  prompts  you  to  insert  source  and  destination  disks  for  the  next  copy  operation.  To 
stop  the  diskcopy  process,  press  N. 

If  you  are  copying  to  an  unformatted  floppy  disk  in  Drive2,  diskcopy  formats  the  disk  with  the  same 


number  of  sides  and  sectors  per  track  as  are  on  the  disk  in  Drivel.  Diskcopy  displays  the  following 
message  while  it  formats  the  disk  and  copies  the  files: 

Formatting  while  copying 

•  Disk  serial  numbers 

If  the  source  disk  has  a  volume  serial  number,  diskcopy  creates  a  new  volume  serial  number  for  the 
destination  disk  and  displays  the  number  when  the  copy  operation  is  complete. 

•  Omitting  drive  parameters 

If  you  omit  the  Drive2  parameter,  diskcopy  uses  the  current  drive  as  the  destination  drive.  If  you  omit  both 
drive  parameters,  diskcopy  uses  the  current  drive  for  both.  If  the  current  drive  is  the  same  as  Drivel, 
diskcopy  prompts  you  to  swap  disks  as  necessary. 

•  Using  one  drive  for  copying 

Run  diskcopy  from  a  drive  other  than  the  floppy  disk  drive,  for  example  the  C  drive.  If  floppy  disk  Drivel 
and  floppy  disk  Drive2  are  the  same,  diskcopy  prompts  you  to  switch  disks.  If  the  disks  contain  more 
information  than  the  available  memory  can  hold,  diskcopy  cannot  read  all  of  the  information  at  once. 
Diskcopy  reads  from  the  source  disk,  writes  to  the  destination  disk,  and  prompts  you  to  insert  the  source 
disk  again.  This  process  continues  until  you  have  copied  the  entire  disk. 

•  Avoiding  disk  fragmentation 

Fragmentation  is  the  presence  of  small  areas  of  unused  disk  space  between  existing  files  on  a  disk.  A 
fragmented  source  disk  can  slow  down  the  process  of  finding,  reading,  or  writing  files. 

Because  diskcopy  makes  an  exact  copy  of  the  source  disk  on  the  destination  disk,  any  fragmentation  on  the 
source  disk  is  transferred  to  the  destination  disk.  To  avoid  transferring  fragmentation  from  one  disk  to 
another,  use  copy  or  xcopy  to  copy  your  disk.  Because  copy  and  xcopy  copy  files  sequentially,  the  new 
disk  is  not  fragmented. 


The  following  table  explains  each  exit  code. 
| Exit  code | Description | 


| 0 | Copy  operation  was  successful! 

|l|Nonfatal  Read/Write  error  occurred | 

| 3 | Fatal  hard  error  occurred | 

| 4 | Initialization  error  occurred | 

To  process  the  exit  codes  that  are  returned  by  **diskcomp**J  you  can  use  the  *ERRORLEVEL*  environment  variable 
on  the  command  line  in  a  batch  program. 


Examples 


To  copy  the  disk  in  drive  B  to  the  disk  in  drive  A,  type: 


diskcopy  b:  a: 


To  use  floppy  disk  drive  A  to  copy  one  floppy  disk  to  another,  first  switch  to  the  C  drive  and  then  type: 

diskcopy  a:  a: 

Additional  references 

Command-Line  Syntax  Key 


diskperf 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


In  Windows  2000,  physical  and  logical  disk  performance  counters  are  not  enabled  by  default. 

Diskperf  is  included  in  Windows  XP,  Windows  Server  2003,  Windows  Server  2008,  Windows  Vista,  Windows 
Server  2008  R2,  and  Windows  7  so  that  it  can  be  used  to  remotely  enable  or  disable  physical  or  logical  disk 
performance  counters  on  computers  running  Windows  2000. 

Syntax 

diskperf  [ -Y[D  | V]  |  -N [ D  |  V]  ]  [Wcomputername] 


Options 

OPTION  DESCRIPTION 


-? 

Displays  context  sensitive  help. 

-Y 

Start  all  disk  performance  counters  when  the  computer 
restarts. 

-YD 

Enable  disk  performance  counters  for  physical  drives  when  the 
computer  restarts. 

-YV 

Enable  disk  performance  counters  for  logical  drives  or  storage 
volumes  when  the  computer  restarts. 

-N 

Disable  all  disk  performance  counters  when  the  computer 
restarts. 

-ND 

Disable  disk  performance  counters  for  physical  drives  when 
the  computer  restarts. 

-NV 

Disable  disk  performance  counters  for  logical  drives  or  storage 
volumes  when  the  computer  restarts. 

\\<  computername  > 

Specify  the  name  of  the  computer  where  you  want  to  enable 
or  disable  disk  performance  counters. 

diskraid 

4/1 3/2018  •  26  min  to  read  •  Edit  Online 


DiskRAI  D  is  a  command-line  tool  that  enables  you  to  configure  and  manage  redundant  array  of  independent  (or 
inexpensive)  disks  (RAID)  storage  subsystems. 

RAID  is  a  method  used  to  standardize  and  categorize  fault-tolerant  disk  systems.  RAID  levels  provide  various 
mixes  of  performance,  reliability,  and  cost.  RAI D  is  usually  used  on  servers.  Some  servers  provide  three  of  the 
RAID  levels:  Level  0  (striping),  Level  1  (mirroring),  and  Level  5  (striping  with  parity). 

A  hardware  RAI  D  subsystem  distinguishes  physically  addressable  storage  units  from  one  another  by  using  a 
Logical  Unit  Number  (LUN).  A  LUN  object  must  have  at  least  one  plex,  and  can  have  any  number  of  additional 
plexes.  Each  plex  contains  a  copy  of  the  data  on  the  LUN  object.  Plexes  can  be  added  to  and  removed  from  a  LUN 
object. 

Most  DiskRAID  commands  operate  on  a  specific  host  bus  adapter  (HBA)  port,  initiator  adapter,  initiator  portal, 
provider,  subsystem,  controller,  port,  drive,  LUN,  target  portal,  target,  or  target  portal  group.  You  use  the  SELECT 
command  to  select  an  object.  The  selected  object  is  said  to  have  focus.  Focus  simplifies  common  configuration 
tasks,  such  as  creating  multiple  LUNs  within  the  same  subsystem. 


NOTE 

The  DiskRAID  command-line  tool  works  only  with  storage  subsystems  that  support  Virtual  Disk  Service  (VDS). 


DiskRAI  D  commands 

To  view  the  command  syntax,  click  a  command: 

•  add 

•  associate 

•  automagic 

•  break 

•  chap 

•  create 

•  delete 

•  detail 

•  dissociate 

•  exit 

•  extend 

•  flushcache 

•  help 

•  importtarget 

•  initiator 

•  invalidatecache 

•  Ibpolicy 

•  list 

•  login 

•  logout 


•  maintenance 

•  name 

•  offline 

•  online 

•  recover 

•  reenumerate 

•  refresh 

•  rem 

•  remove 

•  replace 

•  reset 

•  select 

•  setflag 

•  shrink 

•  standby 

•  unmask 

add 

Adds  an  existing  LUN  to  the  currently  selected  LUN,  or  adds  an  iSCSI  target  portal  to  the  currently  selected  iSCSI 
target  portal  group. 

Syntax 

add  plex  lun=n  [noerr] 

add  tpgroup  tportal=n  [noerr] 

Parameters 
plex  lun=n 

Specifies  the  LUN  number  to  add  as  a  plex  to  the  currently  selected  LUN. 

Caution 

All  data  on  the  LUN  being  added  as  a  plex  will  be  deleted. 

tpgroup  tportal=n 

Specifies  the  iSCSI  target  portal  number  to  add  to  the  currently  selected  iSCSI  target  portal  group. 

noerr 

Specifies  that  any  failures  that  occur  while  performing  this  operation  will  be  ignored.  This  is  useful  in  script  mode. 

associate 

Sets  the  specified  list  of  controller  ports  as  active  for  the  currently  selected  LUN  (other  controller  ports  are  made 
inactive),  or  adds  the  specified  controller  ports  to  the  list  of  existing  active  controller  ports  for  the  currently  selected 
LUN,  or  associates  the  specified  iSCSI  target  for  the  currently  selected  LUN. 

Syntax 

associate  controllers  [add]  <n>[,<n>  [,...]] 
associate  ports  [add]  <n-m>[  J<n-m>[J...]  ] 
associate  targets  [add]  <n>[,<n>  [,...]] 


Parameters 

controllers 


For  use  with  VDS  1 .0  providers  only.  Adds  to  or  replaces  the  list  of  controllers  that  are  associated  with  the  currently 
selected  LUN. 

ports 

For  use  with  VDS  1 .1  providers  only.  Adds  to  or  replaces  the  list  of  controller  ports  that  are  associated  with  the 
currently  selected  LUN. 

targets 

For  use  with  VDS  1 .1  providers  only.  Adds  to  or  replaces  the  list  of  iSCSI  targets  that  are  associated  with  the 
currently  selected  LUN. 

add 

For  VDS  1 .0  providers,  adds  the  specified  controllers  to  the  existing  list  of  controllers  associated  with  the  LUN.  If 
this  parameter  is  not  specified,  the  list  of  controllers  replaces  the  existing  list  of  controllers  associated  with  this 
LUN. 

For  VDS  1.1  providers,  adds  the  specified  controller  ports  to  the  existing  list  of  controller  ports  associated  with  the 
LUN.  If  this  parameter  is  not  specified,  the  list  of  controller  ports  replaces  the  existing  list  of  controller  ports 
associated  with  this  LUN. 

<n>[,<n>  [,  ...]] 

For  use  with  the  controllers  or  targets  parameter.  Specifies  the  numbers  of  the  controllers  or  iSCSI  targets  to  set 
to  active  or  associate. 

<n-m>[,<n-m>[,...]  ] 

For  use  with  the  ports  parameter.  Specifies  the  controller  ports  to  set  active  using  a  controller  number  in)  and  port 
number  (m)  pair. 

Example 

The  following  example  shows  how  to  associate  and  add  ports  to  a  LUN  that  uses  a  VDS  1 .1  provider: 

DISKRAID>  SEL  LUN  5 

LUN  5  is  now  the  selected  LUN. 

DISKRAID>  ASSOCIATE  PORTS  0-0, 0-1 
Controller  port  associations  changed. 

(Controller  ports  active  after  this  command:  Ctlr  0  Port  0,  Ctlr  0  Port  1) 

DISKRAID>  ASSOCIATE  PORTS  ADD  1-1 
Controller  port  associations  changed. 

(Controller  ports  active  after  this  command:  Ctlr  0  Port  0,  Ctlr  0  Port  1,  Ctlr  1  Port  1) 

automagic 

Sets  or  clears  flags  that  give  hints  to  providers  on  how  to  configure  a  LUN.  Used  with  no  parameters,  the 
automagic  operation  displays  a  list  of  flags. 

Syntax 

automagic  {set  |  clear  |  apply}  all  <flag=value>  [<flag=value>  [...]] 


Parameters 

set 


Sets  the  specified  flags  to  the  specified  values. 

clear 

Clears  the  specified  flags.  The  all  keyword  clears  all  the  automagic  flags. 

apply 

Applies  the  current  flags  to  the  selected  LUN. 

<flag> 

Flags  are  identified  by  three-letter  acronyms. 


FLAG 

DESCRIPTION 

FCR 

Fast  Crash  Recovery  Required 

FTL 

Fault  Tolerant 

MSR 

Mostly  Reads 

MXD 

Maximum  Drives 

MXS 

Maximum  Size  Expected 

ORA 

Optimal  Read  Alignment 

ORS 

Optimal  Read  Size 

OSR 

Optimize  For  Sequential  Reads 

OSW 

Optimize  For  Sequential  Writes 

OWA 

Optimal  Write  Alignment 

OWS 

Optimal  Write  Size 

RBP 

Rebuild  Priority 

RBV 

Read  Back  Verify  Enabled 

RMP 

Remap  Enabled 

STS 

Stripe  Size 

WTC 

Write-Through  Caching  Enabled 

YNK 

Removable 

break 

Removes  the  plex  from  the  currently  selected  LUN.  The  plex  and  the  data  it  contained  are  not  retained,  and  the 
drive  extents  may  be  reclaimed. 


Syntax 


break  plex=<plex_number>  [noerr] 

Parameters 

plex 

Specifies  the  number  of  the  plex  to  remove.  The  plex  and  the  data  it  contained  will  not  be  retained,  and  the 
resources  used  by  this  plex  will  be  reclaimed.  The  data  contained  on  the  LUN  is  not  guaranteed  to  be  consistent.  If 
you  want  to  retain  this  plex,  use  the  Volume  Shadow  Copy  Service  (VSS). 

noerr 

Specifies  that  any  failures  that  occur  while  performing  this  operation  will  be  ignored.  This  is  useful  in  script  mode. 

Remarks 

NOTE 

You  must  first  select  a  mirrored  LUN  before  using  the  break  command. 

Caution 

All  data  on  the  plex  will  be  deleted. 

Caution 

All  data  contained  on  the  original  LUN  is  not  guaranteed  to  be  consistent. 

chap 

Sets  the  Challenge  Handshake  Authentication  Protocol  (CHAP)  shared  secret  so  that  iSCSI  initiators  and  iSCSI 
targets  can  communicate  with  one  another. 

Syntax 

chap  initiator  set  secret=[<secret>]  [target=<target>] 
chap  initiator  remember  secret=[<secret>]  target=<target> 
chap  target  set  secret=[<secret>]  [initiator=<initiatorname>] 
chap  target  remember  secret=[<secret>]  initiator=<initiatorname> 

Parameters 
initiator  set 

Sets  the  shared  secret  in  the  local  iSCSI  initiator  service  used  for  mutual  CHAP  authentication  when  the  initiator 
authenticates  the  target. 

initiator  remember 

Communicates  the  CHAP  secret  of  an  iSCSI  target  to  the  local  iSCSI  initiator  service  so  that  the  initiator  service 
can  use  the  secret  in  order  to  authenticate  itself  to  the  target  during  CHAP  authentication. 

target  set 

Sets  the  shared  secret  in  the  currently  selected  iSCSI  target  used  for  CHAP  authentication  when  the  target 
authenticates  the  initiator. 

target  remember 

Communicates  the  CHAP  secret  of  an  iSCSI  initiator  to  the  current  in-focus  iSCSI  target  so  that  the  target  can  use 
the  secret  in  order  to  authenticate  itself  to  the  initiator  during  mutual  CHAP  authentication. 

secret 

Specifies  the  secret  to  use.  If  empty  the  secret  will  be  cleared. 


target 


Specifies  a  target  in  the  currently  selected  subsystem  to  associate  with  the  secret.  This  is  optional  when  setting  a 
secret  on  the  initiator  and  leaving  it  out  indicates  that  the  secret  will  be  used  for  all  targets  that  do  not  already  have 
an  associated  secret. 

initiatorname 

Specifies  an  initiator  iSCSI  name  to  associate  with  the  secret.  This  is  optional  when  setting  a  secret  on  a  target  and 
leaving  it  out  indicates  that  the  secret  will  be  used  for  all  initiators  that  do  not  already  have  an  associated  secret 

create 

Creates  a  new  LUN  or  iSCSI  target  on  the  currently  selected  subsystem,  or  creates  a  target  portal  group  on  the 
currently  selected  target.  You  can  view  the  actual  binding  using  the  DiskRAID  list  command. 

Syntax 

create  lun  simple  [size=<n>]  [drives=<n>]  [noerr] 

create  lun  stripe  [size=<n>]  [drives=<n,  n>  [,...]]  [stripesize=<n>]  [noerr] 
create  lun  raid  [size=<n>]  [drives=<n.,  n>  [,...]]  [stripesize=<n>]  [noerr] 
create  lun  mirror  [size=<n>]  [drives=<n.,  n>  [,...]]  [stripesize=<n>]  [noerr] 
create  lun  automagic  size=<n>  [noerr] 

create  target  name=<name>  [iscsiname=<iscsiname>]  [noerr] 
create  tpgroup  [noerr] 

Parameter 

simple 

Creates  a  simple  LUN. 

stripe 

Creates  a  striped  LUN. 

RAID 

Creates  a  striped  LUN  with  parity. 

mirror 

Creates  a  mirrored  LUN. 

automagic 

Creates  a  LUN  using  the  automagic  hints  currently  in  effect  See  the  automagic  sub-command  for  more 
information. 

size  = 

Specifies  the  total  LUN  size  in  megabytes.  If  the  size=  parameter  is  not  specified,  the  LUN  created  will  be  the 
largest  possible  size  allowed  by  all  the  specified  drives. 

A  provider  typically  creates  a  LUN  at  least  as  big  as  the  requested  size,  but  the  provider  may  have  to  round  up  to 
the  next  largest  size  in  some  cases.  For  example,  if  size  is  specified  as  .99  GB  and  the  provider  can  only  allocate  GB 
disk  extents,  the  resulting  LUN  would  be  1  GB. 

To  specify  the  size  using  other  units,  use  one  of  the  following  recognized  suffixes  immediately  after  the  size: 

•  B  for  byte. 

•  KB  for  kilobyte. 

•  MB  for  megabyte. 


•  GB  for  gigabyte. 

•  TB  for  terabyte. 

•  PB  for  petabyte. 

drives= 

Specifies  the  drive_number  for  the  drives  to  use  to  create  a  LUN.  If  the  size=  parameter  is  not  specified,  the  LUN 
created  is  the  largest  possible  size  allowed  by  all  the  specified  drives.  If  the  size=  parameter  is  specified,  providers 
will  select  drives  from  the  specified  drive  list  to  create  the  LUN.  Providers  will  attempt  to  use  the  drives  in  the  order 
specified  when  possible. 

stripesize  = 

Specifies  the  size  in  megabytes  for  a  stripe  or  RAID  LUN.  The  stripesize  cannot  be  changed  after  the  LUN  is 
created. 

To  specify  the  size  using  other  units,  use  one  of  the  following  recognized  suffixes  immediately  after  the  size: 

•  B  for  byte. 

•  KB  for  kilobyte. 

•  MB  for  megabyte. 

•  GB  for  gigabyte. 

•  TB  for  terabyte. 

•  PB  for  petabyte. 

target 

Creates  a  new  iSCSI  target  on  the  currently  selected  subsystem. 

name 

Supplies  the  friendly  name  for  the  target. 

iscsiname 

Supplies  the  iSCSI  name  for  the  target  and  can  be  omitted  to  have  the  provider  generate  a  name. 

tpgroup 

Creates  a  new  iSCSI  target  portal  group  on  the  currently  selected  target. 


noerr 


Specifies  that  any  failures  that  occur  while  performing  this  operation  will  be  ignored.  This  is  useful  in  script  mode. 

Remarks 

•  Either  the  size=  or  the  drives=  parameter  must  be  specified.  They  can  also  be  used  together. 

•  The  stripe  size  for  a  LUN  cannot  be  changed  after  creation. 


delete 

Deletes  the  currently  selected  LUN,  iSCSI  target  (as  long  as  there  are  not  any  LUNs  associated  with  the  iSCSI 
target)  or  iSCSI  target  portal  group. 


Syntax 

delete  lun  [uninstall]  [noerr] 
delete  target  [noerr] 
delete  tpgroup  [noerr] 


Parameters 


lun 


Deletes  the  currently  selected  LUN  and  all  data  on  it. 

uninstall 

Specifies  that  the  disk  on  the  local  system  associated  with  the  LUN  will  be  cleaned  up  before  the  LUN  is  deleted. 

target 

Deletes  the  currently  selected  iSCSI  target  if  no  LUNs  are  associated  with  the  target. 

tpgroup 

Deletes  the  currently  selected  iSCSI  target  portal  group. 

noerr 

Specifies  that  any  failures  that  occur  while  performing  this  operation  will  be  ignored.  This  is  useful  in  script  mode. 

detail 

Displays  detailed  information  about  the  currently  selected  object  of  the  specified  type. 

Syntax 

Detail  {hbaport  |  iadapter  |  iportal  |  provider  |  subsystem  |  controller  |  port  |  drive  |  lun  |  tportal  | 
target  |  tpgroup}  [verbose] 

Parameters 

hbaport 

Lists  detailed  information  about  the  currently  selected  host  bus  adapter  (HBA)  port. 

iadapter 

Lists  detailed  information  about  the  currently  selected  iSCSI  initiator  adapter. 

iportal 

Lists  detailed  information  about  the  currently  selected  iSCSI  initiator  portal. 

provider 

Lists  detailed  information  about  the  currently  selected  provider. 

subsystem 

Lists  detailed  information  about  the  currently  selected  subsystem. 

controller 

Lists  detailed  information  about  the  currently  selected  controller. 

port 

Lists  detailed  information  about  the  currently  selected  controller  port. 

drive 

Lists  detailed  information  about  the  currently  selected  drive,  including  the  occupying  LUNs. 

lun 

Lists  detailed  information  about  the  currently  selected  LUN,  including  the  contributing  drives.  The  output  differs 


slightly  depending  on  whether  the  LUN  is  part  of  a  Fibre  Channel  or  iSCSI  subsystem.  If  the  Unmasked  Hosts  list 
contains  only  an  asterisk,  this  means  that  the  LUN  is  unmasked  to  all  hosts. 

tportal 

Lists  detailed  information  about  the  currently  selected  iSCSI  target  portal. 

target 

Lists  detailed  information  about  the  currently  selected  iSCSI  target. 

tpgroup 

Lists  detailed  information  about  the  currently  selected  iSCSI  target  portal  group. 

verbose 

For  use  only  with  the  LUN  parameter.  Lists  additional  information,  including  its  plexes. 

dissociate 

Sets  specified  list  of  controller  ports  as  inactive  for  the  currently  selected  LUN  (other  controller  ports  are  not 
affected),  or  dissociates  the  specified  list  of  iSCSI  targets  for  the  currently  selected  LUN. 

Syntax 

dissociate  controllers  <n>  [,<n>  [,...]] 
dissociate  ports  <n-m>[J<n-m>[,...]] 
dissociate  targets  <n>  [,<n>  [,...]] 

Parameter 

controllers 

For  use  with  VDS  1 .0  providers  only.  Removes  controllers  from  the  list  of  controllers  that  are  associated  with  the 
currently  selected  LUN. 

ports 

For  use  with  VDS  1 .1  providers  only.  Removes  controller  ports  from  the  list  of  controller  ports  that  are  associated 
with  the  currently  selected  LUN. 

targets 

For  use  with  VDS  1 .1  providers  only.  Removes  targets  from  the  list  of  iSCSI  targets  that  are  associated  with  the 
currently  selected  LUN. 

<n>  [, <n>  [,...]] 

For  use  with  the  controllers  or  targets  parameter.  Specifies  the  numbers  of  the  controllers  or  iSCSI  targets  to  set 
as  inactive  or  dissociate. 

<n-m>[  J<n-m>[J...]  ] 

For  use  with  the  ports  parameter.  Specifies  the  controller  ports  to  set  as  inactive  by  using  a  controller  number  (n) 
and  port  number  (m)  pair. 


Example 


DISKRAID>  SEL  LUN  5 

LUN  5  is  now  the  selected  LUN. 

DISKRAID>  ASSOCIATE  PORTS  0-0, 0-1 
Controller  port  associations  changed. 

(Controller  ports  active  after  this  command:  Ctlr  0  Port  0,  Ctlr  0  Port  1) 

DISKRAID>  ASSOCIATE  PORTS  ADD  1-1 
Controller  port  associations  changed. 

(Controller  ports  active  after  this  command:  Ctlr  0  Port  0,  Ctlr  0  Port  1,  Ctlr  1  Port  1) 

DISKRAID>  DISSOCIATE  PORTS  0-0, 1-1 
Controller  port  associations  changed. 

(Controller  ports  active  after  this  command:  Ctlr  0  Port  1) 

exit 

Exits  DiskRAID. 

Syntax 

exit 

extend 

Extends  the  currently  selected  LUN  by  adding  sectors  to  the  end  of  the  LUN.  Not  all  providers  support  extending 
LUNs.  Does  not  extend  any  volumes  or  file  systems  contained  on  the  LUN.  After  you  extend  the  LUN,  you  should 
extend  the  associated  on-disk  structures  using  the  DiskPart  extend  command. 

Syntax 

extend  lun  [size=<LUN_size>]  [drives=<drive_number>,  [<drive_number>,  ...]]  [noerr] 

Parameters 

size= 

Specifies  the  size  in  megabytes  to  extend  the  LUN.  If  the  size=  parameter  is  not  specified,  the  LUN  is  extended  by 
the  largest  possible  size  allowed  by  all  the  specified  drives.  If  the  size=  parameter  is  specified,  providers  select 
drives  from  the  list  specified  by  the  drives=  parameter  to  create  the  LUN. 

To  specify  the  size  using  other  units,  use  one  of  the  following  recognized  suffixes  immediately  after  the  size: 

•  B  for  byte. 

•  KB  for  kilobyte. 

•  MB  for  megabyte. 

•  GB  for  gigabyte. 

•  TB  for  terabyte 

•  PB  for  petabyte 

d  rives = 

Specifies  the  <drive_number>  for  the  drives  to  use  when  creating  a  LUN.  If  the  size=  parameter  is  not  specified, 
the  LUN  created  is  the  largest  possible  size  allowed  by  all  the  specified  drives.  Providers  use  the  drives  in  the  order 
specified  when  possible. 

noerr 

Specifies  that  any  failures  that  occur  while  performing  this  operation  should  be  ignored.  This  is  useful  in  script 
mode. 


Remarks 


Either  the  size  or  the  <drive>  parameter  must  be  specified.  They  can  also  be  used  together. 

flushcache 

Clears  the  cache  on  the  currently  selected  controller. 

Syntax 

flushcache  controller 

help 

Displays  a  list  of  all  DiskRAID  commands. 

Syntax 

help 

importtarget 

Retrieves  or  sets  the  current  Volume  Shadow  Copy  Service  (VSS)  import  target  that  is  set  for  the  currently 
selected  subsystem. 

Syntax 

importtarget  subsystem  [set  target] 

Parameter 
set  target 

If  specified,  sets  the  currently  selected  target  to  the  VSS  import  target  for  the  currently  selected  subsystem.  If  not 
specified,  the  command  retrieves  the  current  VSS  import  target  that  is  set  for  the  currently  selected  subsystem. 

initiator 

Retrieves  information  about  the  local  iSCSI  initiator. 

Syntax 

initiator 

invalidatecache 

Invalidates  the  cache  on  the  currently  selected  controller. 

Syntax 

invalidatecache  controller 

Ibpolicy 

Sets  the  load  balance  policy  on  the  currently  selected  LUN. 

Syntax 

Ibpolicy  set  lun  type=<type>  [paths=<path>-{primary  |  <weight>}[  ,<path>-{primary  |  <weight>}[,...]  ]  ] 

Ibpolicy  set  lun  paths=<path>-{primary  |  <weight>}[,<path>-{primary  |  <weight>}[.,...]] 


Parameters 

type 


Specifies  the  load  balance  policy.  If  the  type  is  not  specified,  then  the  path  parameter  must  be  specified.  Type  can 
be  one  of  the  following: 

FAILOVER:  U  ses  one  primary  path  with  other  paths  being  backup  paths. 

ROUNDROBIN:  Uses  all  paths  in  round-robin  fashion,  which  tries  each  path  sequentially. 

SUBSETROUNDROBIN:  Uses  all  primary  paths  in  round-robin  fashion;  backup  paths  are  used  only  if  all  primary 
paths  fail. 

DYNLQD:  U  ses  the  path  with  the  least  number  of  active  requests. 

WEIGHTED:  Uses  the  path  with  the  least  weight  (each  path  must  be  assigned  a  weight). 

LEASTBLOCKS:  Uses  the  path  with  the  least  blocks. 

VENDORSPECIFIC:  Uses  a  vendor-specific  policy. 

paths 

Specifies  whether  a  path  is  primary  or  has  a  particular  <weight>.  Any  paths  not  specified  are  implicitly  set  as 
backup.  Any  paths  listed  must  be  one  of  the  currently  selected  LUN's  paths. 

list 

Displays  a  list  of  objects  of  the  specified  type. 

Syntax 

List  {hbaports  |  iadapters  |  iportals  |  providers  |  subsystems  |  controllers  ]  ports  |  drives  |  LUNs  |  tportals 
|  targets  |  tpgroups} 

Parameters 

hbaports 

Lists  summary  information  about  all  HBA  ports  known  to  VDS.  The  currently  selected  HBA  port  is  marked  by  an 
asterisk  (*). 

iadapters 

Lists  summary  information  about  all  iSCSI  initiator  adapters  known  to  VDS.  The  currently  selected  initiator 
adapter  is  marked  by  an  asterisk  (*). 

iportals 

Lists  summary  information  about  all  iSCSI  initiator  portals  in  the  currently  selected  initiator  adapter.  The  currently 
selected  initiator  portal  is  marked  by  an  asterisk  (*). 

providers 

Lists  summary  information  about  each  provider  known  to  VDS.  The  currently  selected  provider  is  marked  by  an 
asterisk  (*). 

subsystems 

Lists  summary  information  about  each  subsystem  in  the  system.  The  currently  selected  subsystem  is  marked  by  an 
asterisk  (*). 

controllers 

Lists  summary  information  about  each  controller  in  the  currently  selected  subsystem.  The  currently  selected 
controller  is  marked  by  an  asterisk  (*). 


ports 


Lists  summary  information  about  each  controller  port  in  the  currently  selected  controller.  The  currently  selected 
port  is  marked  by  an  asterisk  (*). 

drives 

Lists  summary  information  about  each  drive  in  the  currently  selected  subsystem.  The  currently  selected  drive  is 
marked  by  an  asterisk  (*). 

luns 

Lists  summary  information  about  each  LUN  in  the  currently  selected  subsystem.  The  currently  selected  LUN  is 
marked  by  an  asterisk  (*). 

tportals 

Lists  summary  information  about  all  iSCSI  target  portals  in  the  currently  selected  subsystem.  The  currently 
selected  target  portal  is  marked  by  an  asterisk  (*). 

targets 

Lists  summary  information  about  all  iSCSI  targets  in  the  currently  selected  subsystem.  The  currently  selected 
target  is  marked  by  an  asterisk  (*). 

tpgroups 

Lists  summary  information  about  all  iSCSI  target  portal  groups  in  the  currently  selected  target.  The  currently 
selected  portal  group  is  marked  by  an  asterisk  (*). 

login 

Logs  the  specified  iSCSI  initiator  adapter  into  the  currently  selected  iSCSI  target. 

Syntax 

login  target  iadapter=<iadapter>  [type={manual  |  persistent  |  boot}]  [chap={none  |  oneway  |  mutual}]  [iportal= 
<iportal>]  [tportal=<tportal>]  [<flag>  [<flag>  [...]]] 

Parameters 

type 

Specifies  the  type  of  login  to  perform:  manual,  persistent,  or  boot.  If  unspecified,  a  manual  login  will  be 
performed. 

manual  -  Login  manually. 

persistent  -  Automatically  use  the  same  login  when  the  computer  is  restarted, 
boot  -  (This  option  is  for  future  development  and  is  not  currently  used.) 

chap 

Specifies  the  type  of  CHAP  authentication  to  use:  none,  oneway  CHAP,  or  mutual  CHAP;  if  unspecified,  no 
authentication  will  be  used. 

tportal 

Specifies  an  optional  target  portal  in  the  currently  selected  subsystem  to  use  for  the  log  in. 

iportal 

Specifies  an  optional  initiator  portal  in  the  specified  initiator  adapter  to  use  for  the  log  in. 


<flag> 

Identified  by  three  letter  acronyms: 

IPS:  Require  IPsec 
EMP:  Enable  multipath 
EHD:  Enable  header  digest 
EDD:  Enable  data  digest 
logout 

Logs  the  specified  iSCSI  initiator  adapter  out  of  the  currently  selected  iSCSI  target. 

Syntax 

logout  target  iadapter=  <iadapter> 

Parameters 

iadapter 

Specifies  the  initiator  adapter  with  a  login  session  to  logout  from. 

maintenance 

Performs  maintenance  operations  on  the  currently  selected  object  of  the  specified  type. 

Syntax 

maintenance  cobject  operation>  [count=<iteration>] 

Parameters 

<object> 

Specifies  the  type  of  object  on  which  to  perform  the  operation.  The  object  type  can  be  a  subsystem,  controller, 
port,  drive  or  LUN. 

<operation> 

Specifies  the  maintenance  operation  to  perform.  The  operation  type  can  be  spinup,  spindown,  blink,  beep  or 
ping.  An  operation  must  be  specified. 

count= 

Specifies  the  number  of  times  to  repeat  the  operation.  This  is  typically  used  with  blink,  beep, or  ping, 
name 

Sets  the  friendly  name  of  the  currently  selected  subsystem,  LUN,  or  iSCSI  target  to  the  specified  name. 

Syntax 

name  {subsystem  |  lun  |  target}  [<name>] 

Parameter 

<name> 

Specifies  a  name  for  the  subsystem,  LUN,  or  target.  The  name  must  be  less  than  64  characters  in  length.  If  no 
name  is  supplied,  the  existing  name,  if  any,  is  deleted. 


offline 


Sets  the  state  of  the  currently  selected  object  of  the  specified  type  to  offline. 

Syntax 

offline  <object> 

Parameter 

<object> 

Specifies  the  type  of  object  on  which  to  perform  this  operation.  The  <object> 

type  can  be  subsystem,  controller,  drive,  LUN,or  tportal 

online 

Sets  the  state  of  the  selected  object  of  the  specified  type  to  online.  If  object  is  hbaport,  changes  the  status  of  the 
paths  to  the  currently  selected  H  BA  port  to  online. 

Syntax 

online  <object> 

Parameter 

<object> 

Specifies  the  type  of  object  on  which  to  perform  this  operation.  The  <object> 
type  can  be  hbaport,  subsystem,  controller,  drive,  LUN,  or  tportal. 
recover 

Performs  operations  necessary,  such  as  resynchronization  or  hot  sparing,  to  repair  the  currently  selected  fault- 
tolerant  LUN.  For  example,  RECOVER  might  cause  a  hot  spare  to  be  bound  to  a  RAID  set  that  has  a  failed  disk  or 
other  disk  extent  reallocation. 

Syntax 

recover  <lun> 

reenumerate 

Reenumerates  objects  of  the  specified  type.  If  you  use  the  extend  LUN  command,  you  must  use  the  refresh 
command  to  update  the  disk  size  before  using  the  reenumerate  command. 

Syntax 

reenumerate  (subsystems  |  drives} 

Parameters 

subsystems 

Queries  the  provider  to  discover  any  new  subsystems  that  were  added  in  the  currently  selected  provider. 

drives 

Queries  the  internal  I/O  buses  to  discover  any  new  drives  that  were  added  in  the  currently  selected  subsystem. 

refresh 

Refreshes  internal  data  for  the  currently  selected  provider. 


Syntax 


refresh  provider 

rem 

Used  to  comment  scripts. 

Syntax 

Rem  <comment> 

remove 

Removes  the  specified  iSCSI  target  portal  from  the  currently  selected  target  portal  group. 

Syntax 

remove  tpgroup  tportal=<tportal>  [noerr] 

Parameter 

tpgroup  tportal=  <tportal> 

Specifies  the  iSCSI  target  portal  to  remove. 

noerr 

Specifies  that  any  failures  that  occur  while  performing  this  operation  should  be  ignored.  This  is  useful  in  script 
mode. 

replace 

Replaces  the  specified  drive  with  the  currently  selected  drive. 

Syntax 

replace  drive=<drive_number> 

Parameter 

drive= 

Specifies  the  <drive_number>  for  the  drive  to  be  replaced. 

Remarks 

•  The  specified  drive  may  not  be  the  currently  selected  drive. 

reset 

Resets  the  currently  selected  controller  or  port. 

Syntax 

Reset  {controller  |  port} 

Parameters 

controller 

Resets  the  controller. 

port 


Resets  the  port. 


select 

Displays  or  changes  the  currently  selected  object. 

Syntax 

Select  {hbaport  |  iadapter  |  iportal  |  provider  |  subsystem  |  controller  |  port  |  drive  |  lun  |  tportal  | 
target  |  tpgroup  }  [<n>] 

Parameters 

object 

Specifies  the  type  of  object  to  select.  The  <object>  type  can  be  provider,  subsystem,  controller,  drive,  or  LUN. 
hbaport  [<n>] 

Sets  the  focus  to  the  specified  local  HBA  port.  If  no  HBA  port  is  specified,  the  command  displays  the  currently 
selected  HBA  port  (if  any).  Specifying  an  invalid  HBA  port  index  results  in  no  in-focus  HBA  port.  Selecting  an  HBA 
port  deselects  any  selected  initiator  adapters  and  initiator  portals. 

iadapter  [<n>] 

Sets  the  focus  to  the  specified  local  iSCSI  initiator  adapter.  If  no  initiator  adapter  is  specified,  the  command  displays 
the  currently  selected  initiator  adapter  (if  any).  Specifying  an  invalid  initiator  adapter  index  results  in  no  in-focus 
initiator  adapter.  Selecting  an  initiator  adapter  deselects  any  selected  HBA  ports  and  initiator  portals. 

iportal  [<n>] 

Sets  the  focus  to  the  specified  local  iSCSI  initiator  portal  within  the  selected  iSCSI  initiator  adapter.  If  no  initiator 
portal  is  specified,  the  command  displays  the  currently  selected  initiator  portal  (if  any).  Specifying  an  invalid 
initiator  portal  index  results  in  no  selected  initiator  portal. 

provider  [<n>] 

Sets  the  focus  to  the  specified  provider.  If  no  provider  is  specified,  the  command  displays  the  currently  selected 
provider  (if  any).  Specifying  an  invalid  provider  index  results  in  no  in-focus  provider. 

subsystem  [<n>] 

Sets  the  focus  to  the  specified  subsystem.  If  no  subsystem  is  specified,  the  command  displays  the  subsystem  with 
focus  (if  any).  Specifying  an  invalid  subsystem  index  results  in  no  in-focus  subsystem.  Selecting  a  subsystem 
implicitly  selects  its  associated  provider. 

controller  [<n>] 

Sets  the  focus  to  the  specified  controller  within  the  currently  selected  subsystem.  If  no  controller  is  specified,  the 
command  displays  the  currently  selected  controller  (if  any).  Specifying  an  invalid  controller  index  results  in  no  in¬ 
focus  controller.  Selecting  a  controller  deselects  any  selected  controller  ports,  drives,  LUNs,  target  portals,  targets, 
and  target  portal  groups. 

port  [<n>] 

Sets  the  focus  to  the  specified  controller  port  within  the  currently  selected  controller.  If  no  port  is  specified,  the 
command  displays  the  currently  selected  port  (if  any).  Specifying  an  invalid  port  index  results  in  no  selected  port. 

drive  [<n>] 

Sets  the  focus  to  the  specified  drive,  or  physical  spindle,  within  the  currently  selected  subsystem.  If  no  drive  is 
specified,  the  command  displays  the  currently  selected  drive  (if  any).  Specifying  an  invalid  drive  index  results  in  no 
in-focus  drive.  Selecting  a  drive  deselects  any  selected  controllers,  controller  ports,  LUNs,  target  portals,  targets, 
and  target  portal  groups. 


lun  [<n>] 


Sets  the  focus  to  the  specified  LUN  within  the  currently  selected  subsystem.  If  no  LUN  is  specified,  the  command 
displays  the  currently  selected  LUN  (if  any).  Specifying  an  invalid  LUN  index  results  in  no  selected  LUN.  Selecting 
a  LUN  deselects  any  selected  controllers,  controller  ports,  drives,  target  portals,  targets,  and  target  portal  groups. 

tportal  [<n>] 

Sets  the  focus  to  the  specified  iSCSI  target  portal  within  the  currently  selected  subsystem.  If  no  target  portal  is 
specified,  the  command  displays  the  currently  selected  target  portal  (if  any).  Specifying  an  invalid  target  portal 
index  results  in  no  selected  target  portal.  Selecting  a  target  portal  deselects  any  controllers,  controller  ports,  drives, 
LUNs,  targets,  and  target  portal  groups. 

target  [<n>] 

Sets  the  focus  to  the  specified  iSCSI  target  within  the  currently  selected  subsystem.  If  no  target  is  specified,  the 
command  displays  the  currently  selected  target  (if  any).  Specifying  an  invalid  target  index  results  in  no  selected 
target.  Selecting  a  target  deselects  any  controllers,  controller  ports,  drives,  LUNs,  target  portals,  and  target  portal 
groups. 

tpgroup  [<n>] 

Sets  the  focus  to  the  specified  iSCSI  target  portal  group  within  the  currently  selected  iSCSI  target.  If  no  target 
portal  group  is  specified,  the  command  displays  the  currently  selected  target  portal  group  (if  any).  Specifying  an 
invalid  target  portal  group  index  results  in  no  in-focus  target  portal  group. 

[<n>] 

Specifies  the  <object  number>  to  select.  If  the  specified  is  not  valid,  any  existing  selections  for  objects  of  the 
specified  type  are  cleared.  If  no  is  specified,  the  current  object  is  displayed. 

setflag 

Sets  the  currently  selected  drive  as  a  hot  spare. 

Syntax 

setflag  drive  hotspare={true  |  false} 

Parameters 

true 

Selects  the  currently  selected  drive  as  a  hot  spare. 

false 

Unselects  the  currently  selected  drive  as  a  hot  spare. 

Remarks 

Hot  spares  cannot  be  used  for  ordinary  LUN  binding  operations.  They  are  reserved  for  fault  handling  only.  The 
drive  must  not  be  currently  bound  to  any  existing  LUN. 

shrink 

Reduces  the  size  of  the  selected  LUN. 

Syntax 

shrink  lun  size=<n>  [noerr] 


Parameters 


size= 

Specifies  the  desired  amount  of  space  in  megabytes  (MB)  to  reduce  the  size  of  the  LUN  by.  To  specify  the  size 
using  other  units,  use  one  of  the  recognized  suffixes  (B,  KB,  MB,  GB,  TB  and  PB)  immediately  after  the  size. 

noerr 

Specifies  that  any  failures  that  occur  while  performing  this  operation  will  be  ignored.  This  is  useful  in  script 
mode. 

standby 

Changes  the  status  of  the  paths  to  the  currently  selected  host  bus  adapter  (HBA)  port  to  STANDBY. 

Syntax 

standby  hbaport 

Parameters 

hbaport 

Changes  the  status  of  the  paths  to  the  currently  selected  host  bus  adapter  (HBA)  port  to  STANDBY. 

unmask 

Makes  the  currently  selected  LUNs  accessible  from  the  specified  hosts. 

Syntax 

unmask  LUN  {all  |  none  |  [add]  wwn=<hexadecimal_number>  [;<hexadecimal_number>  [;...]]  |  [add]  initiator 
<initiaton>[;<initiator>[j...]  ]}  [uninstall] 

Parameters 

all 

Specifies  that  the  LUN  should  be  made  accessible  from  all  hosts.  However,  you  cannot  unmask  the  LUN  to  all 
targets  in  an  iSCSI  subsystem. 


IMPORTANT 

You  must  logout  of  the  target  before  you  run  the  UNMASK  ALL  command. 


none 

Specifies  that  the  LUN  should  not  be  accessible  to  any  host. 

IMPORTANT 

You  must  logout  of  the  target  before  you  run  the  UNMASK  LUN  NONE  command. 


add 

Specifies  that  the  hosts  specified  must  be  added  to  the  existing  list  of  hosts  that  this  LUN  is  accessible  from.  If 
this  parameter  is  not  specified,  the  list  of  hosts  supplied  replaces  the  existing  list  of  hosts  that  this  LUN  is 
accessible  from. 

WWN  = 


Specifies  a  list  of  hexadecimal  numbers  representing  world-wide  names  from  which  the  LUN  or  hosts  should 


be  made  accessible.  To  mask/unmask  to  a  specific  set  of  hosts  in  a  Fibre  Channel  subsystem,  you  can  type  a 
semicolon-separated  list  of  WWN's  for  the  ports  on  the  host  machines  of  interest. 

initiator 


Specifies  a  list  of  iSCSI  initiators  to  which  the  currently  selected  LUN  should  be  made  accessible.  To 
mask/unmask  to  a  specific  set  of  hosts  in  an  iSCSI  subsystem,  you  can  type  a  semicolon-separated  list  of  iSCSI 
initiator  names  for  the  initiators  on  the  host  computers  of  interest. 

uninstall 

If  specified,  uninstalls  the  disk  associated  with  the  LUN  on  the  local  system  before  the  LUN  is  masked. 

Scripting  DiskRAID 

DiskRAID  can  be  scripted  on  any  computer  running  Windows  Server  2008  or  Windows  Server  2003  with  an 
associated  VDS  hardware  provider.  To  invoke  a  DiskRAID  script,  at  the  command  prompt  type: 

diskraid  /s  <script.txt> 

By  default,  DiskRAID  stops  processing  commands  and  returns  an  error  code  if  there  is  a  problem  in  the  script. 
To  continue  running  the  script  and  ignore  errors,  include  the  NOERR  parameter  on  the  command.  This  permits 
such  useful  practices  as  using  a  single  script  to  delete  all  the  LUNs  in  a  subsystem  regardless  of  the  total 
number  of  LUNs.  Not  all  commands  support  the  NOERR  parameter.  Errors  are  always  returned  on  command- 
syntax  errors,  regardless  of  whether  you  included  the  NOERR  parameter, 

DiskRAI  D  error  codes 


ERROR  CODE 

ERROR  DESCRIPTION 

0 

No  error  occurred.  The  entire  script  ran  without  failure. 

1 

A  fatal  exception  occurred. 

2 

The  arguments  specified  on  a  DiskRAI  D  command  line  were 
incorrect. 

3 

DiskRAI D  was  unable  to  open  the  specified  script  or  output 
file. 

4 

One  of  the  services  DiskRAID  uses  returned  a  failure. 

5  A  command  syntax  error  occurred.  The  script  failed  because 

an  object  was  improperly  selected  or  was  invalid  for  use  with 
that  command. 


Example:  Interactively  View  Status  of  Subsystem 

If  you  want  to  view  the  status  of  subsystem  0  on  your  computer,  type  the  following  at  the  command  line: 

diskraid 


Press  ENTER.  The  following  is  displayed: 


Microsoft  Diskraid  version  5.2.xxxx 
Copyright  (©)  2003  Microsoft  Corporation 
On  computer:  COMPUTE R_NAME 


To  select  subsystem  0,  type  the  following  at  the  DiskRAID  prompt: 

select  subsystem  0 


Press  ENTER.  Output  similar  to  the  following  is  displayed: 


Subsystem  0  is  now  the  selected  subsystem. 
DISKRAID>  list  drives 


Drive 

### 

Status 

Health 

Size 

Free 

Bus 

Slot 

Drive 

0 

Online 

Healthy 

107  GB 

107  GB 

0 

1 

Drive 

1 

Offline 

Healthy 

29  GB 

29  GB 

1 

0 

Drive 

2 

Online 

Healthy 

107  GB 

107  GB 

0 

2 

Drive 

3 

Not  Ready 

Healthy 

19  GB 

19  GB 

1 

1 

To  exit  DiskRAI  D,  type  the  following  at  the  DiskRAI  D  prompt: 

exit 


diskshadow 

1 0/1 7/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

diskshadow.exe  is  a  tool  that  exposes  the  functionality  offered  by  the  volume  shadow  copy  Service  (VSS).  By 
default,  diskshadow  uses  an  interactive  command  interpreter  similar  to  that  of  diskraid  or  DiskPart.  diskshadow 
also  includes  a  scriptable  mode. 


NOTE 

Membership  in  the  local  Administrators  group,  or  equivalent,  is  the  minimum  required  to  run  diskshadow. 


for  examples  of  how  to  use  diskshadow  commands,  see  Examples. 

Syntax 

for  interactive  mode,  type  the  following  at  the  command  prompt  to  start  the  diskshadow  command  interpreter: 

diskshadow 

for  script  mode,  type  the  following,  where  script.txt  is  a  script  file  containing  diskshadow  commands: 

diskshadow  -s  script.txt 


diskshadow  commands 

You  can  run  the  following  commands  in  the  diskshadow  command  interpreter  or  through  a  script  file: 


PARAMETER 

DESCRIPTION 

set_2 

Sets  the  context,  options,  verbose  mode,  and  metadata  file  for 
creating  shadow  copies. 

Simulate  restore 

Tests  writer  involvement  in  restore  sessions  on  the  computer 
without  issuing  PreRestore  or  PostRestore  events  to  writers. 

Load  metadata 

Loads  a  metadata  .cab  file  prior  to  importing  a  transportable 
shadow  copy  or  loads  the  writer  metadata  in  the  case  of  a 
restore. 

writer 

verifies  that  a  writer  or  component  is  included  or  excludes  a 
writer  or  component  from  the  backup  or  restore  procedure. 

add_1 

adds  volumes  to  the  set  of  volumes  that  are  to  be  shadow 
copied,  or  adds  aliases  to  the  alias  environment. 

PARAMETER 


DESCRIPTION 


create_1 

starts  the  shadow  copy  creation  process,  using  the  current 
context  and  option  settings. 

exec 

executes  a  file  on  the  local  computer. 

Begin  backup 

starts  a  full  backup  session. 

End  backup 

Ends  a  full  backup  session  and  issues  a  Backupcomplete 
event  with  the  appropriate  writer  state,  if  needed. 

Begin  restore 

starts  a  restore  session  and  issues  a  PreRestore  event  to 

involved  writers. 

End  restore 

Ends  a  restore  session  and  issues  a  PostRestore  event  to 

involved  writers. 

reset 

resets  diskshadow  to  the  default  state. 

list 

lists  writers,  shadow  copies,  or  currently  registered  shadow 
copy  providers  that  are  on  the  system. 

delete  shadows 

deletes  shadow  copies. 

import 

imports  a  transportable  shadow  copy  from  a  loaded  metadata 
file  into  the  system. 

mask 

removes  hardware  shadow  copies  that  were  imported  by 
using  the  import  command. 

expose 

exposes  a  persistent  shadow  copy  as  a  drive  letter,  share,  or 
mount  point. 

unexpose 

unexposes  a  shadow  copy  that  was  exposed  by  using  the 
expose  command. 

break_2 

Disassociates  a  shadow  copy  volume  from  VSS. 

revert 

reverts  a  volume  back  to  a  specified  shadow  copy. 

exit_1 

exits  diskshadow. 

remarks 

•  at  a  minimum,  only  add  and  create  are  necessary  to  create  a  shadow  copy.  However,  this  will  forfeit  the  context 
and  option  settings,  will  be  a  copy  backup,  and  will  only  create  a  shadow  copy  with  no  backup  execution  script. 

Examples 

This  is  a  sample  sequence  of  commands  that  will  create  a  shadow  copy  for  backup.  It  can  be  saved  to  file  as 
script.dsh,  and  executed  with  diskshadow  /s  script.dsh 


Assume  the  following: 


•  You  have  an  existing  directory  called  c:\diskshadowdata. 

•  Your  system  volume  is  C:  and  your  data  volume  is  D:. 

•  You  have  a  backupscript.cmd  file  in  c:\diskshadowdata. 

•  Your  backupscript.cmd  file  will  perform  the  copy  of  shadow  data  p:  and  q:  to  your  backup  drive. 
You  can  enter  these  commands  manually  or  script  them: 

#diskshadow  script  file 

set  context  persistent  nowriters 

set  metadata  c:\diskshadowdata\example.cab 

set  verbose  on 

begin  backup 

add  volume  c:  alias  Systemvolumeshadow 
add  volume  d:  alias  Datavolumeshadow 

create 

expose  %Systemvolumeshadow%  p: 

expose  %Datavolumeshadow%  q: 

exec  c : \diskshadowdata\backupscript . cmd 

end  backup 

#End  of  script 

additional  references 

Command-Line  Syntax  Key 


dispdiag 

4/13/2018  •  1  min  to  read  •  EditOnline 

Logs  display  information  to  a  file. 

Syntax 

dispdiag  [-testacpi]  [-d]  [-delay  <Seconds>] 

[-out  <FilePath>] 

Parameters 

PARAMETER 

DESCRIPTION 

-  testacpi 

Runs  hotkey  diagnostics  test.  Displays  the  key  name,  code  and 
scan  code  for  any  key  pressed  during  the  test. 

-d 

Generates  a  dump  file  with  test  results. 

-delay  <Seconds> 

Delays  the  collection  of  data  by  specified  time  in  seconds. 

-out  <  FilePath  > 

Specifies  path  and  filename  to  save  collected  data.  This  must 
be  the  last  parameter. 

-? 

Displays  available  command  parameters  and  provides  help  for 
using  them. 

Dnscmd 

10/17/2017  •  40  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

A  command-line  interface  for  managing  DNS  servers.  This  utility  is  useful  in  scripting  batch  files  to  help  automate 
routine  DNS  management  tasks,  or  to  perform  simple  unattended  setup  and  configuration  of  new  DNS  servers  on 
your  network. 

Syntax 

dnscmd  <ServerName>  <command>  [<command  parameters;*] 

Parameters 

PARAMETER 

DESCRIPTION 

The  IP  address  or  host  name  of  a  remote  or  local  DNS  server. 

Commands 

COMMAND 

DESCRIPTION 

dnscmd  /ageallrecords 

Sets  the  current  time  on  all  time  stamps  in  a  zone  or  node. 

dnscmd  /clearcache 

Clears  the  DNS  server  cache. 

dnscmd  /config 

resets  the  DNS  server  or  zone  configuration. 

dnscmd  /createbuiltindirectorypartitions 

creates  the  built-in  DNS  application  directory  partitions. 

dnscmd  /createdirectorypartition 

creates  a  DNS  application  directory  partition. 

dnscmd  /deletedirectorypartition 

deletes  a  DNS  application  directory  partition. 

dnscmd  /directorypartitioninfo 

lists  information  about  a  DNS  application  directory  partition. 

dnscmd  /enlistdirectorypartition 

adds  a  DNS  server  to  the  replication  set  of  a  DNS  application 
directory  partition. 

dnscmd  /enumdirectorypartitions 

lists  the  DNS  application  directory  partitions  for  a  server. 

dnscmd  /enumrecords 

lists  the  resource  records  in  a  zone. 

dnscmd  /enumzones 

lists  the  zones  hosted  by  the  specified  server. 

COMMAND 


DESCRIPTION 


dnscmd  /exportsettings 

Writes  server  configuration  information  to  a  text  file. 

dnscmd  /info 

Gets  server  information. 

dnscmd  /ipvalidate 

Validates  remote  DNS  servers. 

dnscmd  /nodedelete 

deletes  all  records  for  a  node  in  a  zone. 

dnscmd  /recordadd 

adds  a  resource  record  to  a  zone. 

dnscmd  /recorddelete 

removes  a  resource  record  from  a  zone. 

dnscmd  /resetforwarders 

Sets  DNS  servers  to  forward  recursive  queries. 

dnscmd  /resetlistenaddresses 

Sets  server  IP  addresses  to  serve  DNS  requests. 

dnscmd  /startscavenging 

Initiates  server  scavenging. 

dnscmd  /statistics 

Queries  or  clears  server  statistics  data. 

dnscmd  /unenlistdirectorypartition 

removes  a  DNS  server  from  the  replication  set  of  a  DNS 
application  directory  partition. 

dnscmd  /writebackfiles 

Saves  all  zone  or  root-hint  data  to  a  file. 

dnscmd  /zoneadd 

creates  a  new  zone  on  the  DNS  server. 

dnscmd  /zonechangedirectorypartition 

changes  the  directory  partition  on  which  a  zone  resides. 

dnscmd  /zonedelete 

deletes  a  zone  from  the  DNS  server. 

dnscmd  /zoneexport 

Writes  the  resource  records  of  a  zone  to  a  text  file. 

dnscmd  /zoneinfo 

Displays  zone  information. 

dnscmd  /zonepause 

pauses  a  zone. 

dnscmd  /zoneprint 

Displays  all  records  in  the  zone. 

dnscmd  /zonerefresh 

forces  a  refresh  of  the  secondary  zone  from  the  master  zone. 

dnscmd  /zonereload 

Reloads  a  zone  from  its  database. 

dnscmd  /zoneresetmasters 

changes  the  master  servers  that  provide  zone  transfer 
information  to  a  secondary  zone. 

dnscmd  /zoneresetscavengeservers 

changes  the  servers  that  can  scavenge  a  zone. 

dnscmd  /zoneresetsecondaries 

resets  secondary  information  for  a  zone. 

COMMAND 


DESCRIPTION 


dnscmd  /zoneresettype 

changes  the  zone  type. 

dnscmd  /zoneresume 

Resumes  a  zone. 

dnscmd  /zoneupdatefromds 

Updates  an  active  directory  integrated  zone  with  data  from 
active  directory  Domain  Services  (AD  DS). 

dnscmd  /zonewriteback 

dnscmd  /ageallrecords 

Saves  zone  data  to  a  file. 

Sets  the  current  time  on  a  time  stamp  on  resource  records  at  a  specified  zone  or  node  on  a  DNS  server. 

Syntax 

dnscmd  [<SenverName>]  /ageallrecords 

<ZoneName>[<NodeName>]  |  [/tree] | [/f] 

Parameters 


Specifies  the  DNS  server  that  the  administrator  plans  to  manage,  represented  by  IP  address,  fully  qualified  domain 
name  (FQDN),  or  Host  name.  If  this  parameter  is  omitted,  the  local  server  is  used. 

Specifies  the  FQDN  of  the  zone. 

Specifies  a  specific  node  or  subtree  in  the  zone.  NodeName  specifies  the  node  or  subtree  in  the  zone  using  the 
following: 

•  @  for  root  zone  or  FQDN 

•  The  FQDN  of  a  node  (the  name  with  a  period  (.)  at  the  end) 

•  A  single  label  for  the  name  relative  to  the  zone  root 
/tree 

Specifies  that  all  child  nodes  also  receive  the  time  stamp. 

ft 

Runs  the  command  without  asking  for  confirmation. 

####  remarks 

•  The  ageallrecords  command  is  for  backward  compatibility  between  the  current  version  of  DNS  and  previous 
releases  of  DNS  in  which  aging  and  scavenging  were  not  supported.  It  adds  a  time  stamp  with  the  current  time 
to  resource  records  that  do  not  have  a  time  stamp,  and  it  sets  the  current  time  on  resource  records  that  do  have 
a  time  stamp. 

•  Record  scavenging  does  not  occur  unless  the  records  are  time  stamped.  Name  server  (NS)  resource  records, 
start  of  authority  (SOA)  resource  records,  and  Windows  Internet  Name  Service  (WINS)  resource  records  are 
not  included  in  the  scavenging  process,  and  they  are  not  time  stamped  even  when  the  ageallrecords  command 
runs. 

•  This  command  fails  unless  scavenging  is  enabled  for  the  DNS  server  and  the  zone.  For  information  about  how 
to  enable  scavenging  for  the  zone,  see  the  aging  parameter  under  Zone-Level  Syntax  in  the  config  command. 

•  The  addition  of  a  time  stamp  to  DNS  resource  records  makes  them  incompatible  with  DNS  servers  that  run  on 
operating  systems  other  than  Windows  2000,  Windows  XP,  or  Windows  Server  2003.  A  time  stamp  that  you 
add  by  using  the  ageallrecords  command  cannot  be  reversed. 

•  if  none  of  the  optional  parameters  are  specified,  the  command  returns  all  resource  records  at  the  specified  node. 
If  a  value  is  specified  for  at  least  one  of  the  optional  parameters,  dnscmd  enumerates  only  the  resource  records 
that  correspond  to  the  value  or  values  that  are  specified  in  the  optional  parameter  or  parameters. 


####  Example 

See  Example  1 :  Set  the  current  time  on  a  time  stamp  to  resource  records. 

###  dnscmd  /clearcache 

Clears  the  DNS  cache  memory  of  resource  records  on  the  specified  DNS  server. 

####  Syntax 

dnscmd  [<ServerName>]  /clearcache 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

####  Sample  usage 
dnscmd  dnssvrl.contoso.com  /clearcache 
###  dnscmd  /config 

changes  values  in  the  registry  for  the  DNS  server  and  individual  zones.  Accepts  server-level  settings  and  zone- 
level  settings. 

>  [ICAUTION] 

>  Do  not  edit  the  registry  directly  unless  you  have  no  alternative.  The  registry  editor  bypasses  standard 
safeguards,  allowing  settings  that  can  degrade  performance,  damage  your  system,  or  even  require  you  to 
reinstall  Windows.  You  can  safely  alter  most  registry  settings  by  using  the  programs  in  Control  Panel  or 
Microsoft  Management  Console  (mmc).  If  you  must  edit  the  registry  directly,  back  it  up  first.  Read  the  registry 
editor  help  for  more  information. 

####  Server-level  syntax 
dnscmd  [<ServerName>]  /config  <Parameten> 

####  dnscmd  /config 

Modifies  the  configuration  of  the  specified  server. 

####  Parameters 

Specifies  the  DNS  server  that  you  are  planning  to  manage,  represented  by  local  computer  syntax,  IP  address, 
FQDN,  or  host  name.  If  this  parameter  is  omitted,  the  local  server  is  used. 

Specify  a  setting  and,  as  an  option,  a  value.  Parameter  values  use  this  syntax:  Parameter  [Value] 

The  following  parameter  values  are  described  in  the  remainder  of  this  section: 

/addressanswerlimit 

/bindsecondaries 

/bootmethod 

/defaultagingstate 

/defaultnorefreshinterval 

/defa  u  I  tref  resh  i  nterva  I 

/disableautoreversezones 

/disablensrecordsautocreation 

/dspollinginterval 

/dstombstoneinterval 

/ednscachetimeout 

/enablednsprobes 

/enablednssec 

/enableglobalnamessupport 

/enableglobalqueryblocklist 

/eventloglevel 

/forwarddelegations 

/forwardingtimeout 


•  /globalnamesqueryorder 

•  /globalqueryblocklist 

•  /isslave 

•  /localnetpriority 

•  /logfilemaxsize 

•  /logfilepath 

•  /log  i  pf  i  Iterl  i  st 

•  /loglevel 

•  /maxcachesize 

•  /maxcachettl 

•  /namecheckflag 

•  /notcp 

•  /norecursion 

•  /recursionretry 

•  /recursiontimeout 

•  /roundrobin 

•  /rpcprotocol 

•  /scavenginginterval 

•  /secureresponses 

•  /sendport 

•  /strictfileparsing 

•  /updateoptions 

•  /writeauthorityns 

•  /xfrconnecttimeout 
/addressanswerlimit  [0|5-28] 

Specifies  the  maximum  number  of  host  records  that  a  DNS  server  can  send  in  response  to  a  query.  The  value 
can  be  zero  (0),  or  it  can  be  in  the  range  of  5  through  28  records.  The  default  value  is  zero  (0). 

/bindsecondaries[0|1] 

changes  the  format  of  the  zone  transfer  so  that  it  can  achieve  maximum  compression  and  efficiency.  However, 
this  format  is  not  compatible  with  earlier  versions  of  Berkeley  Internet  Name  Domain  (BIND). 

0 

Uses  maximum  compression.  This  format  is  compatible  with  BIND  versions  4.9.4  and  later  only. 

1 

Sends  only  one  resource  record  per  message  to  non-Microsoft  DNS  servers.  This  format  is  compatible  with 
BIND  versions  earlier  than  4.9.4.  This  is  the  default  setting. 

/bootmethod[0|1|2|3] 

Determines  the  source  from  which  the  DNS  server  gets  its  configuration  information. 

0 

Clears  the  source  of  configuration  information. 

1 

Loads  from  the  BIND  file  that  is  located  in  the  DNS  directory,  which  is  %systemroot%\System32\DNS  by 
default. 

2 

Loads  from  the  registry. 

3 

Loads  from  AD  DS  and  the  registry.  This  is  the  default  setting. 

/defaultagingstate[0|1] 

Determines  whether  the  DNS  scavenging  feature  is  enabled  by  default  on  newly  created  zones. 

0 


Disables  scavenging.  This  is  the  default  setting. 

1 

Enables  scavenging. 

/defaultnorefreshinterval[0x1-0xFFFFFFFF|0xA8] 

Sets  a  period  of  time  in  which  no  refreshes  are  accepted  for  dynamically  updated  records.  Zones  on  the  server 
inherit  this  value  automatically.  To  change  the  default  value,  type  a  value  in  the  range  of  0x1  -OxFFFFFFFF.  The 
default  value  from  the  server  is  0xA8. 

/defa u I tref resh i nterva I  [Ox  1-0xFFFFFFFF| Ox A8] 

Sets  a  period  of  time  that  is  allowed  for  dynamic  updates  to  DNS  records.  Zones  on  the  server  inherit  this  value 
automatically.  To  change  the  default  value,  type  a  value  in  the  range  of  Oxl-OxFFFFFFFF.  The  default  value  from 
the  server  is  0xA8. 

/disableautoreversezones  [0|1] 

Enables  or  disables  the  automatic  creation  of  reverse  lookup  zones.  Reverse  lookup  zones  provide  resolution  of 
Internet  Protocol  (IP)  addresses  to  DNS  domain  names. 

0 

Enables  the  automatic  creation  of  reverse  lookup  zones.  This  is  the  default  setting. 

1 

Disables  the  automatic  creation  of  reverse  lookup  zones. 

/disablensrecordsautocreation  {0|  1 } 

Specifies  whether  the  DNS  server  automatically  creates  name  server  (NS)  resource  records  for  zones  that  it 
hosts. 

0 

Automatically  creates  name  server  (NS)  resource  records  for  zones  that  the  DNS  server  hosts. 

1 

Does  not  automatically  create  name  server  (NS)  resource  records  for  zones  that  the  DNS  server  hosts. 

/dspollinginterval  0-30 

Specifies  how  often  the  DNS  server  polls  AD  DS  for  changes  in  active  directory  integrated  zones. 

/dstombstoneinterval  [1-30] 

The  amount  of  time  in  seconds  to  retain  deleted  records  in  AD  DS. 

/ednscachetimeout  [] 

Specifies  the  number  of  seconds  that  extended  DNS  (EDNS)  information  is  cached.  The  minimum  value  is 
3600,  and  the  maximum  value  is  1 5,724,800.  The  default  value  is  604,800  seconds  (one  week). 

/enableednsprobes  {0|  1 } 

Enables  or  disables  the  server  to  probe  other  servers  to  determine  if  they  support  EDNS. 

0 

Disables  active  support  for  EDNS  probes. 

1 

Enables  active  support  for  EDNS  probes. 

/enablednssec  {0|  1 } 

Enables  or  disables  support  for  DNS  Security  Extensions  (DNSSEC). 

0 

Disables  DNSSEC. 

1 

Enables  DNSSEC. 

/enableglobalnamessupport  {0|  1 } 

Enables  or  disables  support  for  the  GlobalNames  zone.  The  GlobalNames  zone  supports  resolution  of  single¬ 
label  DNS  names  across  a  forest. 

0 

Disables  support  for  the  GlobalNames  zone.  When  you  set  the  value  of  this  command  to  0,  the  DNS  Server 
service  does  not  resolve  single-label  names  in  the  GlobalNames  zone. 

1 

Enables  support  for  the  GlobalNames  zone.  When  you  set  the  value  of  this  command  to  1,  the  DNS  Server 


service  resolves  single-label  names  in  the  GlobalNames  zone. 

/enableglobalqueryblocklist  {0|  1 } 

Enables  or  disables  support  for  the  global  query  block  list  that  blocks  name  resolution  for  names  in  the  list.  The 
DNS  Server  service  creates  and  enables  the  global  query  block  list  by  default  when  the  service  starts  the  first 
time.  To  view  the  current  global  query  block  list,  use  the  dnscmd  /info  /globalqueryblocklist  command. 

0 

Disables  support  for  the  global  query  block  list.  When  you  set  the  value  of  this  command  to  0,  the  DNS  Server 
service  responds  to  queries  for  names  in  the  block  list. 

1 

Enables  support  for  the  global  query  block  list.  When  you  set  the  value  of  this  command  to  1,  the  DNS  Server 
service  does  not  respond  to  queries  for  names  in  the  block  list. 

/eventloglevel  [0|1|2|4] 

Determines  which  events  are  logged  in  the  DNS  server  log  in  Event  Viewer. 

0 

Logs  no  events. 

1 

Logs  only  errors. 

2 

Logs  only  errors  and  warnings. 

4 

Logs  errors,  warnings,  and  informational  events.  This  is  the  default  setting. 

/forwarddelegations  [0|1] 

Determines  how  the  DNS  server  handles  a  query  for  a  delegated  subzone.  These  queries  can  be  sent  either  to 
the  subzone  that  is  referred  to  in  the  query  or  to  the  list  of  forwarders  that  is  named  for  the  DNS  server.  Entries 
in  the  setting  are  used  only  when  forwarding  is  enabled. 

0 

Automatically  sends  queries  that  refer  to  delegated  subzones  to  the  appropriate  subzone.  This  is  the  default 
setting. 

1 

forwards  queries  that  refer  to  the  delegated  subzone  to  the  existing  forwarders. 

/forwardingtimeout  [] 

Determines  how  many  seconds  (0x1  -OxFFFFFFFF)  a  DNS  server  waits  for  a  forwarder  to  respond  before  trying 
another  forwarder.  The  default  value  is  0x5,  which  is  5  seconds. 

/globalneamesqueryorder  {0|  1 } 

Specifies  whether  the  DNS  Server  service  looks  first  in  the  GlobalNames  zone  or  local  zones  when  it  resolves 
names. 

0 

The  DNS  Server  service  attempts  to  resolve  names  by  querying  the  GlobalNames  zone  before  it  queries  the 
zones  for  which  it  is  authoritative. 

1 

The  DNS  Server  service  attempts  to  resolve  names  by  querying  the  zones  for  which  it  is  authoritative  before  it 
queries  the  GlobalNames  zone. 

/globalqueryblocklistQ  []...] 

replaces  the  current  global  query  block  list  with  a  list  of  the  names  that  you  specify.  If  you  do  not  specify  any 
names,  this  command  clears  the  block  list.  By  default,  the  global  query  block  list  contains  the  following  items: 

•  isatap 

•  wpad 

The  DNS  Server  service  can  remove  either  or  both  of  these  names  when  it  starts  the  first  time,  if  it  finds  these 
names  in  an  existing  zone. 

/isslave  [0|1] 

Determines  how  the  DNS  server  responds  when  queries  that  it  forwards  receive  no  response. 

0 


Specifies  that  the  DNS  server  is  not  a  subordinate  (also  known  as  a  slave).  If  the  forwarder  does  not  respond, 
the  DNS  server  attempts  to  resolve  the  query  itself.  This  is  the  default  setting. 

1 

Specifies  that  the  DNS  server  is  a  subordinate.  If  the  forwarder  does  not  respond,  the  DNS  server  terminates 
the  search  and  sends  a  failure  message  to  the  resolver. 

/localnetpriority  [0|1] 

Determines  the  order  in  which  host  records  are  returned  when  the  DNS  server  has  multiple  host  records  for  the 
same  name. 

0 

Returns  the  records  in  the  order  in  which  they  are  listed  in  the  DNS  database. 

1 

Returns  the  records  that  have  similar  IP  network  addresses  first.  This  is  the  default  setting. 

/logfilemaxsize  [] 

Specifies  the  maximum  size  in  bytes  (OxIOOOO-OxFFFFFFFF)  of  the  D ns. log  file.  When  the  file  reaches  its 
maximum  size,  DNS  overwrites  the  oldest  events.  The  default  size  is  0x400000,  which  is  4  megabytes  (MB). 

/logfilepath  [<  path  +  Log FileName>] 

Specifies  the  path  of  the  Dns.log  file.  The  default  path  is  %systemroot%\System32\Dns\Dns.log.  You  can  specify 
a  different  path  by  using  the  format  path  +  LogFileName. 

/log i pf i Iterl i st  [,...] 

Specifies  which  packets  are  logged  in  the  debug  log  file.  The  entries  are  a  list  of  IP  addresses.  Only  packets 
going  to  and  from  the  IP  addresses  in  the  list  are  logged. 

/loglevel  [] 

Determines  which  types  of  events  are  recorded  in  the  Dns.log  file.  Each  event  type  is  represented  by  a 
hexadecimal  number.  If  you  want  more  than  one  event  in  the  log,  use  hexadecimal  addition  to  add  the  values, 
and  then  enter  the  sum. 

0x0 

The  DNS  server  does  not  create  a  log.  This  is  the  default  entry. 

0x10 

Logs  queries. 

0x10 

Logs  notifications. 

0x20 

Logs  updates. 

OxFE 

Logs  nonquery  transactions. 

0x100 

Logs  question  transactions. 

0x200 

Logs  answers. 

0x1000 

Logs  send  packets. 

0x2000 

Logs  receive  packets. 

0x4000 

Logs  User  Datagram  Protocol  (UDP)  packets. 

0x8000 

Logs  Transmission  Control  Protocol  (TCP)  packets. 

OxFFFF 

Logs  all  packets. 

0x10000 

Logs  active  directory  write  transactions. 

0x20000 


Logs  active  directory  update  transactions. 

0x1000000 

Logs  full  packets. 

0x80000000 

Logs  write-through  transactions. 

/maxcachesize 

Specifies  the  maximum  size,  in  kilobytes  (KB),  of  the  DNS  server  s  memory  cache. 

/maxcachettl  [] 

Determines  how  many  seconds  (OxO-OxFFFFFFFF)  a  record  is  saved  in  the  cache.  If  the  0x0  setting  is  used,  the 
DNS  server  does  not  cache  records.  The  default  setting  is  0x15180  (86,400  seconds  or  1  day). 

/maxnegativecachettl  [] 

Specifies  how  many  seconds  (0x1  -OxFFFFFFFF)  an  entry  that  records  a  negative  answer  to  a  query  remains 
stored  in  the  DNS  cache.  The  default  setting  is  0x384  (900  seconds). 

/namecheckflag  [0|1|2|3] 

Specifies  which  character  standard  is  used  when  checking  DNS  names. 

0 

Uses  ANSI  characters  that  comply  with  Internet  Engineering  Task  force  (IETF)  Request  for  Comments  (Rfcs). 

1 

Uses  ANSI  characters  that  do  not  necessarily  comply  with  IETF  Rfcs. 

2 

Uses  multibyte  UCS  Transformation  format  8  (UTF-8)  characters.  This  is  the  default  setting. 

3 

Uses  all  characters. 

/norecursion  [0|1] 

Determines  whether  a  DNS  server  performs  recursive  name  resolution. 

0 

The  DNS  server  performs  recursive  name  resolution  if  it  is  requested  in  a  query.  This  is  the  default  setting. 

1 

The  DNS  server  does  not  perform  recursive  name  resolution. 

/notcp 

This  parameter  is  obsolete,  and  it  has  no  effect  in  current  versions  of  Windows  Server. 

/recursionretry  [] 

Determines  the  number  of  seconds  (0x1  -OxFFFFFFFF)  that  a  DNS  server  waits  before  again  trying  to  contact  a 
remote  server.  The  default  setting  is  0x3  (three  seconds).  This  value  should  be  increased  when  recursion  occurs 
over  a  slow  wide  area  network  (WAN)  link. 

/recursiontimeout  [] 

Determines  the  number  of  seconds  (0x1  -OxFFFFFFFF)  that  a  DNS  server  waits  before  discontinuing  attempts 
to  contact  a  remote  server.  The  settings  range  from  0x1  through  OxFFFFFFFF.  The  default  setting  is  OxF  (1 5 
seconds).  This  value  should  be  increased  when  recursion  occurs  over  a  slow  WAN  link. 

/roundrobin  [0|1] 

Determines  the  order  in  which  host  records  are  returned  when  a  server  has  multiple  host  records  for  the  same 
name. 

0 

The  DNS  server  does  not  use  round  robin.  Instead,  it  returns  the  first  record  to  every  query. 

1 

The  DNS  server  rotates  among  the  records  that  it  returns  from  the  top  to  the  bottom  of  the  list  of  matching 
records.  This  is  the  default  setting. 

/rpcprotocol  [0x0|0x1  |0x2|0x4|0xFFFFFFFF] 

Specifies  the  protocol  that  remote  procedure  call  (RPC)  uses  when  it  makes  a  connection  from  the  DNS  server. 

0x0 

Disables  RPC  for  DNS. 

0x1 


Uses  TCP/IP. 

0x2 

Uses  named  pipes. 

0x4 

Uses  local  procedure  call  (LPC). 

OxFFFFFFFF 

All  protocols.  This  is  the  default  setting. 

/scavenginginterval  [] 

Determines  whether  the  scavenging  feature  for  the  DNS  server  is  enabled,  and  sets  the  number  of  hours  (0x0- 
OxFFFFFFFF)  between  scavenging  cycles.  The  default  setting  is  0x0,  which  disables  scavenging  for  the  DNS 
server.  A  setting  greater  than  0x0  enables  scavenging  for  the  server  and  sets  the  number  of  hours  between 
scavenging  cycles. 

/secureresponses  [0|1] 

Determines  whether  DNS  filters  records  that  are  saved  in  a  cache. 

0 

Saves  all  responses  to  name  queries  to  a  cache.  This  is  the  default  setting. 

1 

Saves  only  the  records  that  belong  to  the  same  DNS  subtree  to  a  cache. 

/sendport  [] 

Specifies  the  port  number  (OxO-OxFFFFFFFF)  that  DNS  uses  to  send  recursive  queries  to  other  DNS  servers. 
The  default  setting  is  0x0,  which  means  that  the  port  number  is  selected  randomly. 

/serverlevelplugindll[] 

Specifies  the  path  of  a  custom  plug-in.  When  Dllpath  specifies  the  fully  qualified  path  name  of  a  valid  DNS 
server  plug-in,  the  DNS  server  calls  functions  in  the  plug-in  to  resolve  name  queries  that  are  outside  the  scope 
of  all  locally  hosted  zones.  If  a  queried  name  is  out  of  the  scope  of  the  plug-in,  the  DNS  server  performs  name 
resolution  using  forwarding  or  recursion,  as  configured.  If  Dllpath  is  not  specified,  the  DNS  server  ceases  to  use 
a  custom  plug-in  if  a  custom  plug-in  was  previously  configured. 

/strictfileparsing  [0|1] 

Determines  a  DNS  server's  behavior  when  it  encounters  an  erroneous  record  while  loading  a  zone. 

0 

The  DNS  server  continues  to  load  the  zone  even  if  the  server  encounters  an  erroneous  record.  The  error  is 
recorded  in  the  DNS  log.  This  is  the  default  setting. 

1 

The  DNS  server  stops  loading  the  zone,  and  it  records  the  error  in  the  DNS  log. 

/updateoptions 

Prohibits  dynamic  updates  of  specified  types  of  records.  If  you  want  more  than  one  record  type  to  be  prohibited 
in  the  log,  use  hexadecimal  addition  to  add  the  values,  and  then  enter  the  sum. 

0x0 

Does  not  restrict  any  record  types. 

0x1 

Excludes  start  of  authority  (SOA)  resource  records. 

0x2 

Excludes  name  server  (NS)  resource  records. 

0x4 

Excludes  delegation  of  name  server  (NS)  resource  records. 

0x8 

Excludes  server  host  records. 

0x100 

During  secure  dynamic  update,  excludes  start  of  authority  (SOA)  resource  records. 

0x200 

During  secure  dynamic  update,  excludes  root  name  server  (NS)  resource  records. 

0x30F 


During  standard  dynamic  update,  excludes  name  server  (NS)  resource  records,  start  of  authority  (SOA) 
resource  records,  and  server  host  records.  During  secure  dynamic  update,  excludes  root  name  server  (NS) 
resource  records  and  start  of  authority  (SOA)  resource  records.  Allows  delegations  and  server  host  updates. 

0x400 

During  secure  dynamic  update,  excludes  delegation  name  server  (NS)  resource  records. 

0x800 

During  secure  dynamic  update,  excludes  server  host  records. 

0x1000000 

Excludes  delegation  signer  (DS)  records. 

0x80000000 

Disables  DNS  dynamic  update. 

/writeauthorityns  [0|1] 

Determines  when  the  DNS  server  writes  name  server  (NS)  resource  records  in  the  Authority  section  of  a 
response. 

0 

Writes  name  server  (NS)  resource  records  in  the  Authority  section  of  referrals  only.  This  setting  complies  with 
Rfc  1034,  Domain  names  concepts  and  facilities,  and  with  Rfc  2181,  Clarifications  to  the  DNS  Specification.  This 
is  the  default  setting. 

1 

Writes  name  server  (NS)  resource  records  in  the  Authority  section  of  all  successful  authoritative  responses. 

/xfrconnecttimeout  [] 

Determines  the  number  of  seconds  (OxO-OxFFFFFFFF)  a  primary  DNS  server  waits  for  a  transfer  response  from 
its  secondary  server.  The  default  value  is  0x1  E  (30  seconds).  After  the  time-out  value  expires,  the  connection  is 
terminated. 

####  Zone-level  syntax 
dnscmd  /config  <Parameters> 

####  dnscmd  /config 

Modifies  the  configuration  of  the  specified  zone. 

####  Parameters 

Specify  a  setting,  a  zone  name,  and,  as  an  option,  a  value.  Parameter  values  use  this  syntax:  ZoneName 
Parameter  [Value] 

The  following  parameter  values  are  documented  in  the  remainder  of  this  section: 

/aging 

/allownsrecordsautocreation 
/allowupdate 
/forwarderslave 
/forwardertimeout 
/norefresh  interval 
/refresh  interval 
/securesecondaries 
/aging 

Enables  or  disables  scavenging  in  a  specific  zone. 

/allownsrecordsautocreation  [] 

Overrides  the  DNS  server's  name  server  (NS)  resource  record  autocreation  setting.  Name  server  (NS)  resource 
records  that  were  previously  registered  for  this  zone  are  not  affected.  Therefore,  you  must  remove  them 
manually  if  you  do  not  want  them. 

/allowupdate 

Determines  whether  the  specified  zone  accepts  dynamic  updates. 

/forwarderslave 

Overrides  the  DNS  server /isslave  setting. 


/forwardertimeout 

Determines  how  many  seconds  a  DNS  zone  waits  for  a  forwarder  to  respond  before  trying  another  forwarder. 
This  value  overrides  the  value  that  is  set  at  the  server  level. 

/norefreshinterval 

Sets  a  time  interval  for  a  zone  during  which  no  refreshes  can  dynamically  update  DNS  records  in  a  specified 
zone. 

/refreshinterval 

Sets  a  time  interval  for  a  zone  during  which  refreshes  can  dynamically  update  DNS  records  in  a  specified  zone. 

/securesecondaries 

Determines  which  secondary  servers  can  receive  zone  updates  from  the  master  server  for  this  zone. 

####  remarks 

•  The  zone  name  must  be  specified  only  for  zone-level  parameters. 

###  dnscmd  /createbuiltindirectorypartitions 

creates  a  DNS  application  directory  partition.  When  DNS  is  installed,  an  application  directory  partition  for  the 
service  is  created  at  the  forest  and  domain  levels.  Use  this  command  to  create  DNS  application  directory 
partitions  that  were  deleted  or  never  created.  With  no  parameter,  this  command  creates  a  built-in  DNS  directory 
partition  for  the  domain. 

####  Syntax 

dnscmd  [<ServerName>]  /createbuiltindirectorypartitions  [/forest]  [/alldomains] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

/forest 

creates  a  DNS  directory  partition  for  the  forest. 

/alldomains 

creates  DNS  partitions  for  all  domains  in  the  forest. 

###  dnscmd  /createdirectorypartition 

creates  a  DNS  application  directory  partition.  When  DNS  is  installed,  an  application  directory  partition  for  the 
service  is  created  at  the  forest  and  domain  levels.  This  operation  creates  additional  DNS  application  directory 
partitions. 

####  Syntax 

dnscmd  [<ServerName>]  /createdirectorypartition  <PartitionFQDN> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

The  FQDN  of  the  DNS  application  directory  partition  that  will  be  created. 

###  dnscmd  /deletedirectorypartition 

removes  an  existing  DNS  application  directory  partition. 

####  Syntax 

dnscmd  [<ServerName>]  /deletedirectorypartition  <PartitionFQDN> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

The  FQDN  of  the  DNS  application  directory  partition  that  will  be  removed. 

###  dnscmd  /directorypartitioninfo 

lists  information  about  a  specified  DNS  application  directory  partition. 

####  Syntax 


dnscmd  [<ServerName>]  /directorypartitioninfo  <PartitionFQDN>  [/detail] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

The  FQDN  of  the  DNS  application  directory  partition. 

/detail 

lists  all  information  about  the  application  directory  partition. 

###  dnscmd  /enlistdirectorypartition 

adds  the  DNS  server  to  the  specified  directory  partition's  replica  set. 

####  Syntax 

dnscmd  [<ServerName>]  /enlistdirectorypartition  <PartitionFQDN> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

The  FQDN  of  the  DNS  application  directory  partition. 

###  dnscmd  /enumdirectorypartitions 

lists  the  DNS  application  directory  partitions  for  the  specified  server. 

####  Syntax 

dnscmd  [<ServerName>]  /enumdirectorypartitions  [/custom] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

/custom 

lists  only  user-created  directory  partitions. 

###  dnscmd  /enumrecords 

lists  the  resource  records  of  a  specified  node  in  a  DNS  zone. 

####  Syntax 

dnscmd  [<ServerName>]  /enumrecords  <ZoneName>  <NodeName>  [/type  <RRtype>  <Rrdata>]  [/authority]  [/glue] 
[/additional]  [/node  |  /child  |  /startchild<ChildName>]  [/continue  |  /detail] 

####  Parameters 

Specifies  the  DNS  server  that  you  plan  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this 
parameter  is  omitted,  the  local  server  is  used. 

/enumrecords 

lists  resource  records  in  the  specified  zone. 

Specifies  the  name  of  the  zone  to  which  the  resource  records  belong. 

Specifies  the  name  of  the  node  of  the  resource  records. 

/type 

Specifies  the  type  of  resource  records  to  be  listed  and  the  type  of  data  that  is  expected: 

Specifies  the  type  of  resource  records  to  be  listed. 

S  pecifies  the  type  of  data  that  is  expected  record. 

/authority 

Includes  authoritative  data. 


/glue 

Includes  glue  data. 

/additional 

Includes  all  additional  information  about  the  listed  resource  records. 

{/node  |  /child  |  /startchild  } 

Filters  or  adds  information  to  the  resource  record  display: 

/node 

lists  only  the  resource  records  of  the  specified  node. 

/child 

lists  only  the  resource  records  of  a  specified  child  domain. 

/startchild 

Begins  the  list  at  the  specified  child  domain. 

/continue  |  /detail 

Specifies  how  the  returned  data  is  displayed. 

/continue 

lists  only  the  resource  records  with  their  type  and  data. 

/detail 

lists  all  information  about  the  resource  records. 

####  Sample  usage 

dnscmd  /enumrecords  test.contoso.com  test  /additional 
###  dnscmd  /enumzones 

lists  the  zones  that  exist  on  the  specified  DNS  server. 

####  Syntax 

dnscmd  [<ServerName>]  /enumzones  [/primary  |  /secondary  |  /forwarder  |  /stub  |  /cache  |  /auto-created] 
[/forward  |  /reverse  |  /ds  |  /file]  [/domaindirectorypartition  |  /forestdirectorypartition  | 
/customdirectorypartition  |  /legacydirectorypartition  |  /directorypartition  <PartitionFQDN>] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter 
omitted,  the  local  server  is  used. 

/primary  |  /secondary  |  /forwarder  |  /stub  |  /cache  |  /auto-created 

Filters  the  types  of  zones  to  display: 

/primary 

lists  all  zones  that  are  either  standard  primary  zones  or  active  directory  integrated  zones. 

/secondary 

lists  all  standard  secondary  zones. 

/forwarder 

lists  zones  that  forward  unresolved  queries  to  another  DNS  server. 

/stub 

lists  all  stub  zones. 

/cache 

lists  only  the  zones  that  are  loaded  into  the  cache. 

/auto-created 

lists  the  zones  that  were  created  automatically  during  the  DNS  server  installation. 

/forward  |  /reverse  |  /ds  |  /file 

Specifies  additional  filters  of  the  types  of  zones  to  display: 

/forward 

lists  forward  lookup  zones. 

/reverse 

lists  reverse  lookup  zones. 

/ds 

lists  active  directory  integrated  zones. 

/file 


lists  zones  that  are  backed  by  files. 

/domaindirectory  partition 

lists  zones  that  are  stored  in  the  domain  directory  partition. 

/forestdirectorypartition 

lists  zones  that  are  stored  in  the  forest  DNS  application  directory  partition. 

/customdirectorypartition 

lists  all  zones  that  are  stored  in  a  user-defined  application  directory  partition. 

/legacydirectorypartition 

lists  all  zones  that  are  stored  in  the  domain  directory  partition. 

/directorypartition 

lists  all  zones  that  are  stored  in  the  specified  directory  partition. 

####  remarks 

The  enumzones  parameters  act  as  filters  on  the  list  of  zones.  If  no  filters  are  specified,  a  complete  list  of  zones 
is  returned.  When  a  filter  is  specified,  only  the  zones  that  meet  that  filter's  criteria  are  included  in  the  returned 
list  of  zones. 

####  Example 

See  Example  2:  Display  a  complete  list  of  zones  on  a  DNS  server  or  Example  3:  Display  a  list  of  autocreated 
zones  on  a  DNS  server. 

###  dnscmd  /exportsettings 

creates  a  text  file  that  lists  the  configuration  details  of  a  DNS  server.  The  text  file  is  named  DnsSettings.txt.  It  is 
located  in  the  %systemroot%\system32\dns  directory  of  the  server. 

####  Syntax 

dnscmd  [<ServerName>]  /exportsettings 
####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  local  computer  syntax,  IP  address,  FQDN,  or  host  name.  If 
this  parameter  is  omitted,  the  local  server  is  used. 

####  remarks 

You  can  use  the  information  in  the  file  that  dnscmd  /exportsettings  creates  to  troubleshoot  configuration 
problems  or  to  ensure  that  you  have  configured  multiple  servers  identically. 

###  dnscmd  /info 

Displays  settings  from  the  DNS  section  of  the  registry  of  the  specified  server: 

HKEY_LOCAL_MACHIN  E\SYSTEM\CurrentControlSet\Services\DNS\Parameters 

####  Syntax 

dnscmd  [<ServerName>]  /info  [<Setting>] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Any  setting  that  the  info  command  returns  can  be  specified  individually.  If  a  setting  is  not  specified,  a  report  of 
common  settings  is  returned. 

####  remarks 

This  command  displays  registry  settings  that  are  at  the  DNS  server  level.  To  display  zone-level  registry  settings, 
use  the  zoneinfo  command.  To  see  a  list  of  settings  that  can  be  displayed  with  this  command,  see  the  config 
description. 

####  Example 

See  Example  4:  Display  the  IsSlave  setting  from  a  DNS  server  or  Example  5:  Display  the  Recursiontimeout 
setting  from  a  DNS  server. 

###  dnscmd  /ipvalidate 

Tests  whether  an  IP  address  identifies  a  functioning  DNS  server  or  whether  the  DNS  server  can  act  as  a 
forwarder,  a  root  hint  server,  or  a  master  server  for  a  specific  zone. 


####  Syntax 

dnscmd  [<ServerName>]  /ipvalidate  <Context>  [<ZoneName>]  [ [<IPaddress>] ] 
####  Parameters 


Specifies  the  DNS  server  to  manage,  represented  by  local  computer  syntax,  IP  address,  FQDN,  or  host  name.  If 
this  parameter  is  omitted,  the  local  server  is  used. 

Specifies  the  type  of  test  to  perform.  You  can  specify  any  of  the  following  tests: 

/dnsservers  tests  that  the  computers  with  the  addresses  that  you  specify  are  functioning  DNS  servers, 
/forwarders  tests  that  the  addresses  that  you  specify  identify  DNS  servers  that  can  act  as  forwarders, 
/roothints  tests  that  the  addresses  that  you  specify  identify  DNS  servers  that  can  act  as  root  hint  name  servers, 
/zonemasters  tests  that  the  addresses  that  you  specify  identify  DNS  servers  that  are  master  servers  for 
ZoneName. 

Identifies  the  zone.  Use  this  parameter  with  the  /zonemasters  parameter. 

Specifies  the  IP  addresses  that  the  command  tests. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /ipvalidate  /dnsservers  10.0.0.1  10.0.0.2 
dnscmd  dnssvrl.contoso.com  /ipvalidate  /zonemasters  corp.contoso.com  10.0.0.2 


###  dnscmd  /nodedelete 

deletes  all  records  for  a  specified  host. 

####  Syntax 

dnscmd  [<ServerName>]  /nodedelete  <ZoneName>  <NodeName>  [/tree]  [/f] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone. 

Specifies  the  host  name  of  the  node  to  delete. 

/tree 

deletes  all  the  child  records. 

/f 

executes  the  command  without  asking  for  confirmation. 

####  Example 

See  Example  6:  delete  the  records  from  a  node. 

###  dnscmd  /recordadd 

adds  a  record  to  a  specified  zone  in  a  DNS  server. 

####  Syntax 

dnscmd  [<ServerName>]  /recordadd  <ZoneName>  <NodeName>  <RRtype>  <Rrdata> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  local  computer  syntax,  IP  address,  FQDN,  or  host  name.  If 
this  parameter  is  omitted,  the  local  server  is  used. 

Specifies  the  zone  in  which  the  record  resides. 


Specifies  a  specific  node  in  the  zone. 


Specifies  the  type  of  record  to  be  added. 

Specifies  the  type  of  data  that  is  expected. 

>  [!NOTE] 

>  When  you  add  a  record,  make  sure  that  you  use  the  correct  data  type  and  data  format.  For  a  list  of  resource 
record  types  and  the  appropriate  data  types,  see  Resource  records  reference. 

####  Sample  usage 

dnscmd  dnssvnl.contoso.com  /recordadd  test  A  10.0.0.5 

dnscmd  /recordadd  test.contoso.com  test  MX  10  mailserver.test.contoso.com 


###  dnscmd  /recorddelete 

deletes  a  resource  record  from  a  specified  zone. 

####  Syntax 

dnscmd  <ServerName>  /recorddelete  <ZoneName>  <NodeName>  <RRtype>  <Rrdata>[/f] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  zone  in  which  the  resource  record  resides. 

Specifies  the  name  of  the  host. 

Specifies  the  type  of  resource  record  to  be  deleted. 

Specifies  the  type  of  data  that  is  expected. 

/f 

executes  the  command  without  asking  for  confirmation: 

Because  nodes  can  have  more  than  one  resource  record,  this  command  requires  you  to  be  very  specific  about 
the  type  of  resource  record  that  you  want  to  delete. 

if  you  specify  a  data  type  and  you  do  not  specify  a  type  of  resource  record  data,  all  records  with  that  specific 
data  type  for  the  specified  node  are  deleted. 

####  Sample  usage 

dnscmd  /recorddelete  test.contoso.com  test  MX  10  mailserver.test.contoso.com 
###  dnscmd  /resetforwarders 

selects  or  resets  the  IP  addresses  to  which  the  DNS  server  forwards  DNS  queries  when  it  cannot  resolve  them 
locally. 

####  Syntax 

dnscmd  [<ServerName>]  /resetforwarders  [<IPaddress>  [, <IPaddress>] ...] [/timeout  <timeOut>]  [/slave | /noslave] 
####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

lists  the  IP  addresses  to  which  the  DNS  server  forwards  unresolved  queries. 

/timeout 

Sets  the  number  of  seconds  that  the  DNS  server  waits  for  a  response  from  the  forwarder.  By  default,  this  value 


is  five  seconds. 

/slave|/noslave 

Determines  whether  the  DNS  server  performs  its  own  iterative  queries  if  the  forwarder  fails  to  resolve  a  query: 

/slave 

Prevents  the  DNS  server  from  performing  its  own  iterative  queries  if  the  forwarder  fails  to  resolve  a  query. 

/noslave 

Allows  the  DNS  server  to  perform  its  own  iterative  queries  if  the  forwarder  fails  to  resolve  a  query.  This  is  the 
default  setting. 

####  remarks 

By  default,  a  DNS  server  performs  iterative  queries  when  it  cannot  resolve  a  query. 

Setting  IP  addresses  by  using  the  resetforwarders  command  causes  the  DNS  server  to  perform  recursive 
queries  to  the  DNS  servers  at  the  specified  IP  addresses.  If  the  forwarders  do  not  resolve  the  query,  the  DNS 
server  can  then  perform  its  own  iterative  queries. 

if  the  /slave  parameter  is  used,  the  DNS  server  does  not  perform  its  own  iterative  queries.  This  means  that  the 
DNS  server  forwards  unresolved  queries  only  to  the  DNS  servers  in  the  list,  and  it  does  not  attempt  iterative 
queries  if  the  forwarders  do  not  resolve  them.  It  is  more  efficient  to  set  one  IP  address  as  a  forwarder  for  a  DNS 
server.  You  can  use  the  resetforwarders  command  for  internal  servers  in  a  network  to  forward  their 
unresolved  queries  to  one  DNS  server  that  has  an  external  connection. 

listing  a  forwarder  s  IP  address  twice  causes  the  DNS  server  to  attempt  to  forward  to  that  server  twice. 

####  Sample  usage 

dnscmd  dnssvnl.contoso.com  /resetforwarders  10.0.0.1  /timeout  7  /slave 
dnscmd  dnssvrl.contoso.com  /resetforwarders  /noslave 


###  dnscmd  /resetlistenaddresses 

Specifies  the  IP  addresses  on  a  server  that  listens  for  DNS  client  requests. 

####  Syntax 

dnscmd  [<ServerName>]  /resetlistenaddresses  [<listenaddress>] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  an  IP  address  on  the  DNS  server  that  listens  for  DNS  client  requests.  If  no  listen  address  is  specified, 
all  IP  addresses  on  the  server  listen  for  client  requests. 

####  remarks 

By  default,  all  IP  addresses  on  a  DNS  server  listen  for  client  DNS  requests. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /resetlistenaddresses  10.0.0.1 
###  dnscmd  /startscavenging 

Tells  a  DNS  server  to  attempt  an  immediate  search  for  stale  resource  records  in  a  specified  DNS  server. 

####  Syntax 

dnscmd  [<ServerName>]  /startscavenging 
####  Parameter 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

####  remarks 

Successful  completion  of  this  command  starts  a  scavenge  immediately. 

Although  the  command  to  start  the  scavenge  appears  to  complete  successfully,  the  scavenge  does  not  start 


unless  the  following  preconditions  are  met: 
o  Scavenging  is  enabled  for  both  the  server  and  the  zone, 
o  The  zone  is  started, 
o  The  resource  records  have  a  time  stamp. 

for  information  about  how  to  enable  scavenging  for  the  server,  see  the  scavenginginterval  parameter  under 
Server-level  syntax  in  the  config  section. 

for  information  about  how  to  enable  scavenging  for  the  zone,  see  the  aging  parameter  under  Zone-level  syntax 
in  the  config  section. 

for  information  about  how  to  start  a  zone  that  is  paused,  see  the  zoneresume  section. 

for  information  about  how  to  check  resource  records  for  a  time  stamp,  see  the  ageallrecords  section. 

if  the  scavenge  fails,  no  warning  message  appears. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /startscavenging 
###  dnscmd  /statistics 

Displays  or  clears  data  for  a  specified  DNS  server. 

####  Syntax 

dnscmd  [<ServerName>]  /statistics  [<StatID>]  [/clear] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  which  statistic  or  combination  of  statistics  to  display.  An  identification  number  is  used  to  identify  a 
statistic.  If  no  statistic  ID  number  is  specified,  all  statistics  display. 

The  following  is  a  list  of  numbers  that  can  be  specified  and  the  corresponding  statistic  that  displays: 

00000001 

time 

00000002 

query 

00000004 

query2 

00000008 

Recurse 

00000010 

Master 

00000020 

Secondary 

00000040 

WINS 

00000100 

Update 

00000200 

SkwanSec 

00000400 

Ds 

00010000 

Memory 

00100000 

PacketMem 

00040000 

Dbase 


00080000 

Records 

00200000 

NbstatMem 

/clear 

resets  the  specified  statistics  counter  to  zero. 

####  remarks 

The  statistics  command  displays  counters  that  begin  on  the  DNS  server  when  it  is  started  or  resumed. 

####  Examples 

See  Example  7:  Display  time  statistics  for  a  DNS  server  or  Example  8:  Display  NbstatMem  statistics  for  a  DNS 
server. 

###  dnscmd  /unenlistdirectorypartition 

removes  the  DNS  server  from  the  specified  directory  partition's  replica  set. 

####  Syntax 

dnscmd  [<ServerName>]  /unenlistdirectorypartition  <PartitionFQDN> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

The  FQDN  of  the  DNS  application  directory  partition  that  will  be  removed. 

###  dnscmd  /writebackfiles 

Checks  the  DNS  server  memory  for  changes,  and  writes  them  to  persistent  storage. 

####  Syntax 

dnscmd  [<ServerName>]  /writebackfiles  [<ZoneName>] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  be  updated. 

####  remarks 

The  writebackfiles  command  updates  all  dirty  zones  or  a  specified  zone.  A  zone  is  dirty  when  there  are 
changes  in  memory  that  have  not  yet  been  written  to  persistent  storage.  This  is  a  server-level  operation  that 
checks  all  zones.  You  can  specify  one  zone  in  this  operation  or  you  can  use  the  zonewriteback  operation. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /writebackfiles 
###  dnscmd  /zoneadd 
adds  a  zone  to  the  DNS  server. 

####  Syntax 

dnscmd  [<ServerName>]  /zoneadd  <ZoneName>  <Zonetype>  [/dp  <FQDN>|  {/domain | /enterprise | /legacy}] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone. 

Specifies  the  type  of  zone  to  create.  Each  zone  type  has  different  required  parameters: 

/dsprimary 

creates  an  active  directory  integrated  zone. 

/primary  /file 


creates  a  standard  primary  zone,  and  specifies  the  name  of  the  file  that  will  store  the  zone  information. 

/secondary  [...] 

creates  a  standard  secondary  zone. 

/stub  [...]  /file 

creates  a  file-backed  stub  zone. 

/dsstub  [...] 

creates  an  active  directory  integrated  stub  zone. 

/forwarder  []... /file 

Specifies  that  the  created  zone  forwards  unresolved  queries  to  another  DNS  server. 

/dsforwarder 

Specifies  that  the  created  active  directory  integrated  zone  forwards  unresolved  queries  to  another  DNS  server. 

/dp  {/domain  |  /enterprise  |  /legacy} 

Specifies  the  directory  partition  on  which  to  store  the  zone. 

Specifies  FQDN  of  the  directory  partition. 

/domain 

Stores  the  zone  on  the  domain  directory  partition. 

/enterprise 

Stores  the  zone  on  the  enterprise  directory  partition. 

/legacy 

Stores  the  zone  on  a  legacy  directory  partition. 

####  remarks 

•  Specifying  a  zone  type  of /forwarder  or  /dsforwarder  creates  a  zone  that  performs  conditional  forwarding. 
####  Sample  usage 

dnscmd  dnssvnl.contoso.com  /zoneadd  test.contoso.com  /dsprimary 

dnscmd  dnssvrl.contoso.com  /zoneadd  secondtest.contoso.com  /secondary  10.0.0.2 


###  dnscmd  /zonechangedirectorypartition 

changes  the  directory  partition  on  which  the  specified  zone  resides. 

####  Syntax 

dnscmd  [<ServerName>]  /zonechangedirectorypartition  <ZoneName>]  { [<NewPartitionName>]  |  [<Zonetype>]  } 
####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

The  FQDN  of  the  current  directory  partition  on  which  the  zone  resides. 

The  FQDN  of  the  directory  partition  that  the  zone  will  be  moved  to. 

Specifies  the  type  of  directory  partition  that  the  zone  will  be  moved  to. 

/domain 

moves  the  zone  to  the  built-in  domain  directory  partition. 

/forest 

moves  the  zone  to  the  built-in  forest  directory  partition. 

/legacy 

moves  the  zone  to  the  directory  partition  that  is  created  for  pre  active  directory  domain  controllers.  These 
directory  partitions  are  not  necessary  for  native  mode. 

###  dnscmd  /zonedelete 
deletes  a  specified  zone. 


####  Syntax 

dnscmd  [<ServerName>]  /zonedelete  <ZoneName>  [/dsdel]  [/f] 
####  Parameters 


Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  be  deleted. 

/dsdel 

deletes  the  zone  from  AD  DS. 

/f 

Runs  the  command  without  asking  for  confirmation. 

####  Example 

See  Example  9:  delete  a  zone  from  a  DNS  server. 

###  dnscmd  /zoneexport 

creates  a  text  file  that  lists  the  resource  records  of  a  specified  zone. 

####  Syntax 

dnscmd  [<ServerName>]  /zoneexport  <ZoneName>  <ZoneExportFile> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  local  computer  syntax,  IP  address,  FQDN,  or  host  name.  If 
this  parameter  is  omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone. 

Specifies  the  name  of  the  file  to  create. 

####  remarks 

The  zoneexport  operation  creates  a  file  of  resource  records  for  an  active  directory  integrated  zone  for 
troubleshooting  purposes.  By  default,  the  file  that  this  command  creates  is  placed  in  the  DNS  directory,  which  is 
by  default  the  %systemroot%/System32/Dns  directory. 

####  Example 

See  Example  1 0:  Export  zone  resource  records  list  to  a  file. 

###  dnscmd  /zoneinfo 

Displays  settings  from  the  section  of  the  registry  of  the  specified  zone: 

HKEY_LOCAL_MACHIN  E\SYSTEM\CurrentControlSet\Services\DNS\Parameters\Zones\ 

####  Syntax 

dnscmd  [<ServerName>]  /zoneinfo  <ZoneName>  [<Setting>] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone. 

You  can  individually  specify  any  setting  that  the  zoneinfo  command  returns.  If  you  do  not  specify  a  setting,  all 
settings  are  returned. 

####  remarks 

The  zoneinfo  command  displays  registry  settings  that  are  at  the  DNS  zone  level  at 

HKEY_LOCAL_MACHIN  E\SYSTEM\CurrentControlSet\Services\DNS\Parameters\Zones\. 

To  display  server-level  registry  settings,  use  the  info  command. 

To  see  a  list  of  settings  that  you  can  display  with  this  command,  see  the  config  command. 


####  Example 

See  Example  1 1 :  Display  Refreshlnterval  setting  from  the  registry  or  Example  1 2:  Display  Aging  setting  from 
the  registry. 

###  dnscmd  /zonepause 

pauses  the  specified  zone,  which  then  ignores  query  requests. 

####  Syntax 

dnscmd  [<ServerName>]  /zonepause  <ZoneName> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  be  paused. 

####  remarks 

To  resume  a  zone  and  make  it  available  after  it  has  been  paused,  use  the  zoneresume  command. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /zonepause  test.contoso.com 
###  dnscmd  /zoneprint 
lists  the  records  in  a  zone. 

####  Syntax 

dnscmd  [<ServerName>]  /zoneprint  <ZoneName> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  local  computer  syntax,  IP  address,  FQDN,  or  host  name.  If 
this  parameter  is  omitted,  the  local  server  is  used. 

Identifies  the  zone  to  be  listed. 

###  dnscmd  /zonerefresh 

forces  a  secondary  DNS  zone  to  update  from  the  master  zone. 

####  Syntax 

dnscmd  <ServerName>  /zonerefresh  <ZoneName> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  be  refreshed. 

####  remarks 

The  zonerefresh  command  forces  a  check  of  the  version  number  in  the  master  server  s  start  of  authority 
(SOA)  resource  record.  If  the  version  number  on  the  master  server  is  higher  than  the  secondary  server's 
version  number,  a  zone  transfer  is  initiated  that  updates  the  secondary  server.  If  the  version  number  is  the  same, 
no  zone  transfer  occurs. 

The  forced  check  occurs  by  default  every  1 5  minutes.  To  change  the  default,  use  the  dnscmd  config 
refreshinterval  command. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /zonerefresh  test.contoso.com 
###  dnscmd  /zonereload 
Copies  zone  information  from  its  source. 

####  Syntax 

dnscmd  <ServerName>  /zonereload  <ZoneName> 

####  Parameters 


Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  be  reloaded. 

####  remarks 

if  the  zone  is  active  directory  integrated,  it  reloads  from  AD  DS. 
if  the  zone  is  a  standard  file-backed  zone,  it  reloads  from  a  file. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /zonereload  test.contoso.com 
###  dnscmd  /zoneresetmasters 

resets  the  I P  addresses  of  the  master  server  that  provides  zone  transfer  information  to  a  secondary  zone. 
####  Syntax 

dnscmd  <ServerName>  /zoneresetmasters  <ZoneName>  [/local]  [<IPaddress>  [<IPaddress>] . . . ] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  be  reloaded. 

/local 

Sets  a  local  master  list.  This  parameter  is  used  for  active  directory  integrated  zones. 

The  I P  addresses  of  the  master  servers  of  the  secondary  zone. 

####  remarks 

This  value  is  originally  set  when  the  secondary  zone  is  created.  Use  the  zoneresetmasters  command  on  the 
secondary  server.  This  value  has  no  effect  if  it  is  set  on  the  master  DNS  server. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /zoneresetmasters  test.contoso.com  10.0.0.1 
dnscmd  dnssvrl.contoso.com  /zoneresetmasters  test.contoso.com  /local 


###  dnscmd  /zoneresetscavengeservers 

changes  the  I P  addresses  of  the  servers  that  can  scavenge  the  specified  zone. 

####  Syntax 

dnscmd  [<ServerName>]  /zoneresetscavengeservers  <ZoneName>  [<IPaddress>  [<IPaddress>] . . . ] 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  local  computer  syntax,  IP  address,  FQDN,  or  host  name.  If 
this  parameter  is  omitted,  the  local  server  is  used. 

Identifies  the  zone  to  scavenge. 

lists  the  I P  addresses  of  the  servers  that  can  perform  the  scavenge.  If  this  parameter  is  omitted,  all  servers  that 
host  this  zone  can  scavenge  it. 

####  remarks 

By  default,  all  servers  that  host  a  zone  can  scavenge  that  zone. 

if  a  zone  is  hosted  on  more  than  one  DNS  server,  you  can  use  this  command  to  reduce  the  number  of  times  a 
zone  is  scavenged. 

Scavenging  must  be  enabled  on  the  DNS  server  and  zone  that  is  affected  by  this  command. 


####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /zoneresetscavengeservers  test.contoso.com  10.0.0.1  10.0.0.2 
###  dnscmd  /zoneresetsecondaries 

Specifies  a  list  of  IP  addresses  of  secondary  servers  to  which  a  master  server  responds  when  it  is  asked  for  a 
zone  transfer. 

####  Syntax 

dnscmd  [<ServerName>]  /zoneresetsecondaries  <ZoneName>  {/noxfr  |  /nonsecure  |  /securens  |  /securelist 
<SecurityIPaddresses>}  {/nonotify  |  /notify  |  /notifylist  <NotifyIPaddresses>} 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  the  is  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  that  will  have  its  secondary  servers  reset. 

/noxfr  |  /nonsecure  |  /securens  |  /securelist 

Specifies  whether  all  or  only  some  of  the  secondary  servers  requesting  an  update  get  an  update. 

/noxfr 

Specifies  that  no  zone  transfers  are  allowed. 

/nonsecure 

Specifies  that  all  zone  transfer  requests  are  granted. 

/securens 

Specifies  that  only  the  server  that  is  listed  in  the  name  server  (NS)  resource  record  for  the  zone  is  granted  a 
transfer. 

/securelist 

Specifies  that  zone  transfers  are  granted  only  to  the  list  of  servers.  This  parameter  must  be  followed  by  an  IP 
address  or  addresses  that  the  master  server  uses. 

lists  the  I P  addresses  that  receive  zone  transfers  from  the  master  server.  This  parameter  is  used  only  with  the 

/securelist  parameter. 

/nonotify  |  /notify  |  /notifylist 

Specifies  that  a  change  notification  is  sent  only  to  certain  secondary  servers: 

/nonotify 

Specifies  that  no  change  notifications  are  sent  to  secondary  servers. 

/notify 

Specifies  that  change  notifications  are  sent  to  all  secondary  servers. 

/notifylist 

Specifies  that  change  notifications  are  sent  to  only  the  list  of  servers.  This  command  must  be  followed  by  an  IP 
address  or  addresses  that  the  master  server  uses. 

Specifies  the  IP  address  or  addresses  of  the  secondary  server  or  servers  to  which  change  notifications  are  sent. 
This  list  is  used  only  with  the  /notifylist  parameter. 

####  remarks 

•  Use  the  zoneresetsecondaries  command  on  the  master  server  to  specify  how  it  responds  to  zone  transfer 
requests  from  secondary  servers. 

####  Sample  usage 

dnscmd  dnssvnl.contoso.com  /zoneresetsecondaries  test.contoso.com  /noxfr  /nonotify 
dnscmd  dnssvrl.contoso.com  /zoneresetsecondaries  test.contoso.com  /securelist  11.0.0.2 


###  dnscmd  /zoneresettype 
changes  the  type  of  the  zone. 


####  Syntax 

dnscmd  [<ServerName>]  /zoneresettype  <ZoneName>  <Zonetype>  [/overwrite_mem  |  /overwrite_ds] 

####  Parameters 


Specifies  the  DNS  server  to  manage,  represented  by  local  computer  syntax,  IP  address,  FQDN,  or  host  name.  If 
this  parameter  is  omitted,  the  local  server  is  used. 

Identifies  the  zone  on  which  the  type  will  be  changed. 

Specifies  the  type  of  zone  to  create.  Each  type  has  different  required  parameters: 

/dsprimary 

creates  an  active  directory  integrated  zone. 

/primary  /file 

creates  a  standard  primary  zone. 

/secondary  [,...] 

creates  a  standard  secondary  zone. 

/stub  [,...]  /file 

creates  a  file-backed  stub  zone. 

/dsstub  [,...] 

creates  an  active  directory  integrated  stub  zone. 

/forwarder  <MasterlPaddress[,]...  /file 

Specifies  that  the  created  zone  forwards  unresolved  queries  to  another  DNS  server. 

/dsforwarder 

Specifies  that  the  created  active  directory  integrated  zone  forwards  unresolved  queries  to  another  DNS  server. 

/overwrite_mem  |  /overwrite_ds 

Specifies  how  to  overwrite  existing  data: 

/overwrite_mem 

Overwrites  DNS  data  from  data  in  AD  DS. 

/overwrite_ds 

Overwrites  existing  data  in  AD  DS. 

####  remarks 

•  Setting  the  zone  type  as  /dsforwarder  creates  a  zone  that  performs  conditional  forwarding. 

####  Sample  usage 

dnscmd  dnssvnl.contoso.com  /zoneresettype  test.contoso.com  /primary  /file 
test. contoso. com. dns 

dnscmd  dnssvrl.contoso.com  /zoneresettype  second.contoso.com  /secondary  10.0.0.2 


###  dnscmd  /zoneresume 

starts  a  specified  zone  that  was  previously  paused. 

####  Syntax 

dnscmd  <ServerName>  /zoneresume  <ZoneName> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  resume. 

####  remarks 

•  You  can  use  this  operation  to  reverse  the  zonepause  operation. 

####  Sample  usage 


dnscmd  dnssvrl.contoso.com  /zoneresume  test.contoso.com 
###  dnscmd  /zoneupdatefromds 

Updates  the  specified  active  directory  integrated  zone  from  AD  DS. 

####  Syntax 

dnscmd  <ServerName>  /zoneupdatefromds  <ZoneName> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  update. 

####  remarks 

active  directory  integrated  zones  perform  this  update  by  default  every  five  minutes.  To  change  this  parameter, 

use  the  dnscmd  config  dspollinginterval  command. 

####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /zoneupdatefromds 
###  dnscmd  /zonewriteback 

Checks  DNS  server  memory  for  changes  that  are  relevant  to  a  specified  zone,  and  writes  them  to  persistent 
storage. 

####  Syntax 

dnscmd  <ServerName>  /zonewriteback  <ZoneName> 

####  Parameters 

Specifies  the  DNS  server  to  manage,  represented  by  IP  address,  FQDN,  or  host  name.  If  this  parameter  is 
omitted,  the  local  server  is  used. 

Specifies  the  name  of  the  zone  to  update. 

####  remarks 

This  is  a  zone-level  operation.  You  can  update  all  zones  on  a  DNS  server  with  the  writebackfiles  operation. 
####  Sample  usage 

dnscmd  dnssvrl.contoso.com  /zonewriteback  test.contoso.com 


doskey 

4/1 3/2018  •  9  min  to  read  •  Edit  Online 


Calls  Doskey.exe  (which  recalls  previously  entered  command-line  commands),  edits  command  lines,  and  creates 
macros. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

doskey  [/reinstall]  [/listsize=<Size>]  [/macros : [all  |  <ExeName>]  [/history]  [/insert  |  /overstrike]  [/exename= 
<ExeName>]  [/macrofile=<FileName>]  [<MacroName>=[<Text>] ] 


Parameters 

PARAMETER  DESCRIPTION 


/reinstall 

Installs  a  new  copy  of  Doskey.exe  and  clears  the  command 
history  buffer. 

/listsize=  <  Size> 

Specifies  the  maximum  number  of  commands  in  the  history 
buffer. 

/macros 

Displays  a  list  of  all  doskey  macros.  You  can  use  the 
redirection  symbol  (>)  with  /macros  to  redirect  the  list  to  a 
file.  You  can  abbreviate  /macros  to  /m. 

/macros:all 

Displays  doskey  macros  for  all  executables. 

/macros:<  ExeName> 

Displays  doskey  macros  for  the  executable  specified  by 

ExeName. 

/history 

Displays  all  commands  that  are  stored  in  memory.  You  can  use 
the  redirection  symbol  (>)  with  /history  to  redirect  the  list  to 
a  file.  You  can  abbreviate  /history  as  /h. 

[/insert 

/overstrike] 

/exename=  <  ExeName> 

Specifies  the  program  (that  is,  executable)  in  which  the  doskey 

macro  runs. 

/macrofile=  <  FileName> 

Specifies  a  file  that  contains  the  macros  that  you  want  to 
install. 

<MacroName>  =  [] 

Creates  a  macro  that  carries  out  the  commands  specified  by 

Text.  MacroName  specifies  the  name  you  want  to  assign  to  the 
macro.  Text  specifies  the  commands  you  want  to  record.  If  Text 
is  left  blank,  MacroName  is  cleared  of  any  assigned 
commands. 

PARAMETER 


DESCRIPTION 


/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Using  Doskey.exe 

Doskey.exe  is  always  available  for  all  character-based,  interactive  programs  (such  as  program  debuggers  or 
file  transfer  programs),  and  it  maintains  a  command  history  buffer  and  macros  for  each  program  that  it 
starts.  You  cannot  use  doskey  command-line  options  from  a  program.  You  must  run  doskey  command-line 
options  before  you  start  a  program.  Program  key  assignments  override  doskey  key  assignments. 

•  Recalling  a  command 

To  recall  a  command,  you  can  use  any  of  the  following  keys  after  you  start  Doskey.exe.  If  you  use  Doskey.exe 
within  a  program,  that  program's  key  assignments  take  precedence. 


KEY 

DESCRIPTION 

UP  ARROW 

Recalls  the  command  that  you  used  before  the  one  that  is 
displayed. 

DOWN  ARROW 

Recalls  the  command  that  you  used  after  the  one  that  is 
displayed. 

PAGE  UP 

Recalls  the  first  command  that  you  used  in  the  current 
session. 

PAGE  DOWN 

Recalls  the  most  recent  command  that  you  used  in  the 
current  session. 

Editing  the  command  line 

With  Doskey.exe,  you  can  edit  the  current  command  line.  If  you  use  Doskey.exe  within  a  program,  that 
program's  key  assignments  take  precedence  and  some  Doskey.exe  editing  keys  might  not  work. 

The  following  table  lists  doskey  editing  keys  and  their  functions. 

KEY  OR  KEY  COMBINATION 

DESCRIPTION 

LEFT  ARROW 

Moves  the  insertion  point  back  one  character. 

RIGHT  ARROW 

Moves  the  insertion  point  forward  one  character. 

CTRL+ LEFT  ARROW 

Moves  the  insertion  point  back  one  word. 

CTRL+RIGHT  ARROW 

Moves  the  insertion  point  forward  one  word. 

HOME 

Moves  the  insertion  point  to  the  beginning  of  the  line. 

END 

Moves  the  insertion  point  to  the  end  of  the  line. 

ESC 

Clears  the  command  from  the  display. 

KEY  OR  KEY  COMBINATION 


DESCRIPTION 


FI 

Copies  one  character  from  a  column  in  the  template  to  the 
same  column  in  the  Command  Prompt  window.  (The 
template  is  a  memory  buffer  that  holds  the  last  command 
you  typed.) 

F2 

Searches  forward  in  the  template  for  the  next  key  that  you 
type  after  you  press  F2.  Doskey.exe  inserts  the  text  from 
the  template — up  to,  but  not  including,  the  character  you 
specify. 

F3 

Copies  the  remainder  of  the  template  to  the  command 
line.  Doskey.exe  begins  copying  characters  from  the 
position  in  the  template  that  corresponds  to  the  position 
indicated  by  the  insertion  point  on  the  command  line. 

F4 

Deletes  all  characters  from  the  current  insertion  point 
position  up  to,  but  not  including,  the  next  occurrence  of 
the  character  that  you  type  after  you  press  F4. 

F5 

Copies  the  template  into  the  current  command  line. 

F6 

Places  an  end-of-file  character  (CTRL+Z)  at  the  current 
insertion  point  position. 

F7 

Displays  (in  a  dialog  box)  all  commands  for  this  program 
that  are  stored  in  memory.  Use  the  UP  ARROW  key  and 
the  DOWN  ARROW  key  to  select  the  command  you  want, 
and  press  ENTER  to  run  the  command.  You  can  also  note 
the  sequential  number  in  front  of  the  command  and  use 
this  number  in  conjunction  with  the  F9  key. 

ALT+F7 

Deletes  all  commands  stored  in  memory  for  the  current 
history  buffer. 

F8 

Displays  all  commands  in  the  history  buffer  that  start  with 
the  characters  in  the  current  command. 

F9 

Prompts  you  for  a  history  buffer  command  number,  and 
then  displays  the  command  associated  with  the  number 
that  you  specify.  Press  ENTER  to  run  the  command.  To 
display  all  the  numbers  and  their  associated  commands, 
press  F7. 

ALT+F10 

Deletes  all  macro  definitions. 

Using  doskey  within  a  program 

Certain  character-based,  interactive  programs,  such  as  program  debuggers  or  file  transfer  programs  (FTP) 
automatically  use  Doskey.exe.  To  use  Doskey.exe,  a  program  must  be  a  console  process  and  use  buffered 
input.  Program  key  assignments  override  doskey  key  assignments.  For  example,  if  the  program  uses  the  F7 
key  for  a  function,  you  cannot  get  a  doskey  command  history  in  a  pop-up  window. 

With  Doskey.exe,  you  can  maintain  a  command  history  for  each  program  that  you  start  or  repeat.  You  can 
edit  previous  commands  at  the  program's  prompt,  and  start  doskey  macros  created  for  the  program.  If  you 
exit  and  then  restart  a  program  from  the  same  Command  Prompt  window,  the  command  history  from  the 
previous  program  session  is  available. 


You  must  run  Doskey.exe  before  you  start  a  program.  You  cannot  use  doskey  command-line  options  from  a 
program's  command  prompt,  even  if  the  program  has  a  shell  command. 

If  you  want  to  customize  how  Doskey.exe  works  with  a  program  and  create  doskey  macros  for  that 
program,  you  can  create  a  batch  program  that  modifies  Doskey.exe  and  starts  the  program. 

Specifying  a  default  Insert  mode 

If  you  press  the  INSERT  key,  you  can  type  text  on  the  doskey  command  line  in  the  midst  of  existing  text 
without  replacing  the  text.  However,  after  you  press  ENTER,  Doskey.exe  returns  your  keyboard  to  Replace 
mode.  You  must  press  INSERT  again  to  return  to  Insert  mode. 

Use  /insert  to  switch  your  keyboard  to  Insert  mode  each  time  you  press  ENTER.  Your  keyboard  effectively 
remains  in  Insert  mode  until  you  use  /overstrike.  You  can  temporarily  return  to  Replace  mode  by  pressing 
the  INSERT  key,  but  after  you  press  ENTER,  Doskey.exe  returns  your  keyboard  to  Insert  mode. 

The  insertion  point  changes  shape  when  you  use  the  INSERT  key  to  change  from  one  mode  to  the  other. 

Creating  a  macro 

You  can  use  Doskey.exe  to  create  macros  that  carry  out  one  or  more  commands.  The  following  table  lists 
special  characters  that  you  can  use  to  control  command  operations  when  you  define  a  macro. 


CHARACTER 

DESCRIPTION 

$G  or  $g 

Redirects  output.  Use  either  of  these  special  characters  to 
send  output  to  a  device  or  a  file  instead  of  to  the  screen. 
This  character  is  equivalent  to  the  redirection  symbol  for 
output  (>). 

$G$G  or  $g$g 

Appends  output  to  the  end  of  a  file.  Use  either  of  these 
double  characters  to  append  output  to  an  existing  file 
instead  of  replacing  the  data  in  the  file.  These  double 
characters  are  equivalent  to  the  append  redirection  symbol 
for  output  (>>). 

$L  or  $1 

Redirects  input.  Use  either  of  these  special  characters  to 
read  input  from  a  device  or  a  file  instead  of  from  the 
keyboard.  This  character  is  equivalent  to  the  redirection 
symbol  for  input  (<). 

$B  or  $b 

Sends  macro  output  to  a  command.  These  special 
characters  are  equivalent  to  using  the  pipe  (** 

$T  or  $t 

Separates  commands.  Use  either  of  these  special 
characters  to  separate  commands  when  you  create  macros 
or  type  commands  on  the  doskey  command  line.  These 
special  characters  are  equivalent  to  using  the  ampersand 
(&)  on  a  command  line. 

$$ 

Specifies  the  dollar-sign  character  ($). 

$1  through  $9 

Represent  any  command-line  information  you  want  to 
specify  when  you  run  the  macro.  The  special  characters  $1 
through  $9  are  batch  parameters  that  enable  you  to  use 
different  data  on  the  command  line  each  time  you  run  the 
macro.  The  $1  character  in  a  doskey  command  is  similar 
to  the  %1  character  in  a  batch  program. 

CHARACTER 


DESCRIPTION 


$*  Represents  all  the  command-line  information  that  you 

want  to  specify  when  you  type  the  macro  name.  The 
special  character  $\*  is  a  replaceable  parameter  that  is 
similar  to  the  batch  parameters  $1  through  $9,  with  one 
important  difference:  everything  you  type  on  the 
command  line  after  the  macro  name  is  substituted  for  the 
$\*  in  the  macro. 


•  Running  a  doskey  macro 

To  run  a  macro,  type  the  macro  name  at  the  command  prompt,  starting  at  the  first  position.  If  the  macro  was 
defined  with  $\*  or  any  of  the  batch  parameters  $1  through  $9,  use  a  space  to  separate  the  parameters.  You 
cannot  run  a  doskey  macro  from  a  batch  program. 

•  Creating  a  macro  with  the  same  name  as  a  Windows  Server  2003  family  command 

If  you  always  use  a  particular  command  with  specific  command-line  options,  you  can  create  a  macro  that 
has  the  same  name  as  the  command.  To  specify  whether  you  want  to  run  the  macro  or  the  command,  follow 
these  guidelines: 

o  To  run  the  macro,  type  the  macro  name  at  the  command  prompt  Do  not  add  a  space  before  the  macro 
name. 

o  To  run  the  command,  insert  one  or  more  spaces  at  the  command  prompt,  and  then  type  the  command 
name. 

•  Deleting  a  macro 

To  delete  a  macro,  type: 

doskey  <MacroName>  = 


Examples 

The  /macros  and  /history  command-line  options  are  useful  for  creating  batch  programs  to  save  macros  and 
commands.  For  example,  to  store  all  current  doskey  macros,  type: 

doskey  /macros  >  macinit 


To  use  the  macros  stored  in  Macinit,  type: 

doskey  /macrofile=macinit 


To  create  a  batch  program  named  Tmp.bat  that  contains  recently  used  commands,  type: 

doskey  /history>  tmp.bat 


To  define  a  macro  with  multiple  commands,  use  $t  to  separate  commands,  as  follows: 
doskey  tx=cd  temp$tdir/w  $* 


In  the  preceding  example,  the  TX  macro  changes  the  current  directory  to  Temp  and  then  displays  a  directory  listing 
in  wide  display  format.  You  can  use  $\*  at  the  end  of  the  macro  to  append  other  command-line  options  to  dir  when 


you  run  TX. 

The  following  macro  uses  a  batch  parameter  for  a  new  directory  name: 
doskey  mc=md  $l$tcd  $1 

The  macro  creates  a  new  directory  and  then  changes  to  the  new  directory  from  the  current  directory. 
To  use  the  preceding  macro  to  create  and  change  to  a  directory  named  Books,  type: 

me  books 

To  create  a  doskey  macro  for  a  program  called  Ftp.exe,  include  /exename  as  follows: 
doskey  /exename=ftp.exe  go=open  172.27.1.100$tmget  *.TXT  c : \reports$tbye 

To  use  the  preceding  macro,  start  FTP.  At  the  FTP  prompt,  type: 

g° 

FTP  runs  the  open,  mget,  and  bye  commands. 

To  create  a  macro  that  quickly  and  unconditionally  formats  a  disk,  type: 
doskey  qf=format  $1  /q  /u 

To  quickly  and  unconditionally  format  a  disk  in  drive  A,  type: 

qf  a : 

To  delete  a  macro  called  vlist,  type: 

doskey  vlist  = 

Additional  references 


Command-Line  Syntax  Key 


driverquery 

4/13/2018  •  1  min  to  read  •  EditOnline 

Enables  an  administrator  to  display  a  list  of  installed  device  drivers  and  their  properties.  If  used  without 
parameters,  driverquery  runs  on  the  local  computer. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

driverquery  [/s  <System>  [/u  [<Domain>\]<Username> 
/si] 

[/p  <Password>] ] ]  [/fo  {table  |  list  |  csv}]  [/nh]  [/v  | 

Parameters 

PARAMETER 

DESCRIPTION 

/s  <  System  > 

Specifies  the  name  or  IP  address  of  a  remote  computer.  Do  not 
use  backslashes.  The  default  is  the  local  computer. 

/u  [<Domain>] 

Runs  the  command  with  the  credentials  of  the  user  account  as 
specified  by  User  or  Domain* User.  By  default,  **/s*  uses  the 
credentials  of  the  user  who  is  currently  logged  on  to  the 
computer  that  is  issuing  the  command,  /u  cannot  be  used 
unless  /s  is  specified. 

/p  <  Password  > 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter,  /p  cannot  be  used  unless  /u  is  specified. 

/fo  {table 

list 

/nh 

Omits  the  header  row  from  the  displayed  driver  information. 

Not  valid  if  the  /fo  parameter  is  set  to  list. 

/v 

Displays  verbose  output,  /v  is  not  valid  for  signed  drivers. 

/si 

Provides  information  about  signed  drivers. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  display  a  list  of  installed  device  drivers  on  the  local  computer,  type: 

driverquery 

To  display  the  output  in  a  comma-separated  values  (CSV)  format,  type: 


driverquery  /fo  csv 

To  hide  the  header  row  in  the  output,  type: 

driverquery  /nh 

To  use  the  driverquery  command  on  a  remote  server  named  serverl  using  your  current  credentials  on  the  local 
computer,  type: 

driverquery  /s  serverl 

To  use  the  driverquery  command  on  a  remote  server  named  serverl  using  the  credentials  for  userl  on  the 
domain  maindom,  type: 


driverquery  /s  serverl  /u  maindom\userl  /p  p@ssw3d 


Additional  references 

Command-Line  Syntax  Key 


echo 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Displays  messages  or  turns  on  or  off  the  command  echoing  feature.  If  used  without  parameters,  echo  displays  the 
current  echo  setting. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

echo  [<Message>] 
echo  [on  |  off] 


Parameters 


PARAMETER 

DESCRIPTION 

[on 

off] 

<  Messages 

Specifies  the  text  to  display  on  the  screen. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  echo  Message  command  is  particularly  useful  when  echo  is  turned  off.  To  display  a  message  that  is  several 
lines  long  without  displaying  any  commands,  you  can  include  several  echo  Message  commands  after  the  echo 
off  command  in  your  batch  program. 

•  When  echo  is  turned  off,  the  command  prompt  does  not  appear  in  the  Command  Prompt  window.  To  display 
the  command  prompt,  type  echo  on. 

•  If  used  in  a  batch  file,  echo  on  and  echo  off  do  not  affect  the  setting  at  the  command  prompt. 

•  To  prevent  echoing  a  particular  command  in  a  batch  file,  insert  an  at  sign  (@)  in  front  of  the  command.  To 
prevent  echoing  all  commands  in  a  batch  file,  include  the  echo  off  command  at  the  beginning  of  the  file. 

•  To  display  a  pipe  (|)  or  redirection  character  (<  or  >)  when  you  are  using  echo,  use  a  caret  (A)  immediately 
before  the  pipe  or  redirection  character  (for  example,  A|,  A>,  or  A<).  To  display  a  caret,  type  two  carets  in 
succession  (AA). 

Examples 

To  display  the  current  echo  setting,  type: 

echo 

To  echo  a  blank  line  on  the  screen,  type: 

echo. 


NOTE 

Do  not  include  a  space  before  the  period.  Otherwise,  the  period  will  be  displayed  instead  of  a  blank  line. 


To  prevent  echoing  commands  at  the  command  prompt,  type: 


To  prevent  all  commands  in  a  batch  file  (including  the  echo  off  command)  from  displaying  on  the  screen,  on  the 
first  line  of  the  batch  file  type: 

@echo  off 


You  can  use  the  echo  command  as  part  of  an  if  statement.  For  example,  to  search  the  current  directory  for  any  file 
with  the  ,rpt  file  name  extension,  and  to  echo  a  message  if  such  a  file  is  found,  type: 

if  exist  *.rpt  echo  The  report  has  arrived. 


The  following  batch  file  searches  the  current  directory  for  files  with  the  .txt  file  name  extension,  and  displays  a 
message  indicating  the  results  of  the  search: 

@echo  off 

if  not  exist  *.txt  ( 

echo  This  directory  contains  no  text  files. 

)  else  ( 

echo  This  directory  contains  the  following  text  files: 
echo. 

dir  /b  *.txt 
) 


If  no  .txt  files  are  found  when  the  batch  file  is  run,  the  following  message  displays: 
This  directory  contains  no  text  files. 


If  .txt  files  are  found  when  the  batch  file  is  run  the  following  output  displays  (for  this  example,  assume  the  files 
F i I e  1  .txt,  File2.txt,  and  File3.txt  exist): 


This  directory  contains  the  following  text  files: 

Filel.txt 

File2.txt 

File3.txt 

Additional  references 

Command-Line  Syntax  Key 


edit 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Starts  MS-DOS  Editor,  which  creates  and  changes  ASCII  text  files. 
For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


edit  [/b]  [ /h ]  [/r ]  [/s]  [/<NNN>]  [ [<Drive> : ] [<Path>]<FileName>  [<FileName2>  [...]] 

Parameters 

PARAMETER 

DESCRIPTION 

[<  Drives :][]  [  [...]] 

Specifies  the  location  and  name  of  one  or  more  ASCII  text  files. 

If  the  file  does  not  exist,  MS-DOS  Editor  creates  it.  If  the  file 
exists,  MS-DOS  Editor  opens  it  and  displays  its  contents  on 
the  screen.  FileName  can  contain  wildcard  characters  (*  and  ?). 
Separate  multiple  file  names  with  spaces. 

/b 

Forces  monochrome  mode,  so  that  MS-DOS  Editor  displays  in 
black  and  white. 

/h 

Displays  the  maximum  number  of  lines  possible  for  the  current 
monitor. 

/r 

Loads  file(s)  in  read-only  mode. 

/s 

Forces  the  use  of  short  filenames. 

<NNN> 

Loads  binary  file(s),  wrapping  lines  to  NNN  characters  wide. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  For  additional  help,  open  MS-DOS 

•  Some  monitors  do  not  support  the 
keys,  use  /b. 

Editor,  and  then  press  the  FI  key. 

display  of  shortcut  keys  by  default.  If  your  monitor  does  not  display  shortcut 

Examples 

To  open  MS-DOS  Editor,  type: 

edit 

To  create  and  edit  a  file  named  newtextfile.txt  in  the  current  directory,  type: 


edit  newtextfile.txt 


endlocal 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Ends  localization  of  environment  changes  in  a  batch  file,  and  restores  environment  variables  to  their  values  before 
the  corresponding  setlocal  command  was  run. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

endlocal 


Parameters 

PARAMETER  DESCRIPTION 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  The  endlocal  command  has  no  effect  outside  a  script  or  batch  file. 

•  There  is  an  implicit  endlocal  command  at  the  end  of  a  batch  file. 

•  If  command  extensions  are  enabled  (command  extensions  are  enabled  by  default),  the  endlocal  command 

restores  the  state  of  command  extensions  (that  is,  enabled  or  disabled)  to  what  it  was  before  the  corresponding 

setlocal  command  was  run. 


NOTE 

For  more  information  about  enabling  and  disabling  command  extensions,  see  Cmd. 


Examples 

You  can  localize  environment  variables  in  a  batch  file.  For  example,  the  following  program  starts  the  superapp 
batch  program  on  the  network,  directs  the  output  to  a  file,  and  displays  the  file  in  Notepad: 

@echo  off 
setlocal 

path=g: \programs\superapp;%path% 
call  superapp>c:\superapp.out 
endlocal 

start  notepad  c:\superapp.out 

Additional  references 

Command-Line  Syntax  Key 


erase 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


This  command  is  the  same  as  the  del  command.  See  Del  for  syntax  and  parameters. 


eventcreate 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Enables  an  administrator  to  create  a  custom  event  in  a  specified  event  log.  For  examples  of  how  to  use  this 
command,  see  Examples. 

Syntax 

eventcreate  [/s  <Computer>  [/u  <Domain\User>  [/p  <Password>]]  {[/l  {APPLICATION | SYSTEM}] | [/so  <SrcName>]}  /t 
{ERROR|WARNING[lNFORMATION|SUCCESSAUDIT|FAILUREAUDIT}  /id  <EventID>  /d  <Description> 


Parameters 

PARAMETER  DESCRIPTION 


/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  <Domain\User> 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  <  Users  or  <Domain\Users.  The  default  is  the 
permissions  of  the  current  logged  on  user  on  the  computer 
issuing  the  command. 

/p  < Passwords 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/I  {APPLICATION 

SYSTEM} 

/so  <SrcName> 

Specifies  the  source  to  use  for  the  event.  A  valid  source  can  be 
any  string  and  should  represent  the  application  or  component 
that  is  generating  the  event. 

A  {ERROR 

WARNING 

/id  <EventlD> 

Specifies  the  event  ID  for  the  event.  A  valid  ID  is  any  number 
from  1  to  1 000. 

/d  < Descriptions 

Specifies  the  description  to  use  for  the  newly  created  event. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Custom  events  cannot  be  written  to  the  security  log. 

Examples 


The  following  examples  show  how  you  can  use  the  eventcreate  command: 


eventcreate  /t  error  /id  100  /I  application  /d  "Create  event  in  application  log" 

eventcreate  /t  information  /id  1000  /so  winmgmt  /d  "Create  event  in  WinMgmt  source" 

eventcreate  /t  error  /id  2001  /so  winword  /I  application  /d  "new  src  WinWord  in  application  log" 

eventcreate  /s  server  /t  error  /id  100  /I  application  /d  "Remote  machine  without  user  credentials" 

eventcreate  /s  server  /u  user  /p  password  /id  100  /t  error  /I  application  /d  "Remote  machine  with  user 

credentials" 

eventcreate  /s  serverl  /s  server2  /u  user  /p  password  /id  100  /t  error  /so  winmgmt  /d  "Creating  events  on 
Multiple  remote  machines" 

eventcreate  /s  server  /u  user  /id  100  /t  warning  /so  winmgmt  /d  "Remote  machine  with  partial  user  credentials" 

Additional  References 

Command-Line  Syntax  Key 


eventquery 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


eventquery  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows.  This  tool  is 
included  in  Windows  Server  2003  .  For  more  information  see  eventquery. 


eventtriggers 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Eventtriggers  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  Eventtriggers. 


Evntcmd 

1 0/1 7/2017  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Configures  the  translation  of  events  to  traps,  trap  destinations,  or  both  based  on  information  in  a  configuration  file. 

Syntax 

evntcmd  [/s  <computerName>]  [/v  <verbosityLevel>]  [/n]  <FileName> 


Parameters 

PARAMETER 


DESCRIPTION 


/s 

Specifies,  by  name,  the  computer  on  which  you  want  to 
configure  the  translation  of  events  to  traps,  trap  destinations, 
or  both.  If  you  do  not  specify  a  computer,  the  configuration 
occurs  on  the  local  computer. 

/v 

Specifies  which  types  of  status  messages  appear  as  traps  and 
trap  destinations  are  configured.  This  parameter  must  be  an 
integer  between  0  and  10.  If  you  specify  10,  all  types  of 
messages  appear,  including  tracing  messages  and  warnings 
about  whether  trap  configuration  was  successful.  If  you  specify 
0,  no  messages  appear. 

/n 

Specifies  that  the  SNMP  service  should  not  be  restarted  if  this 
computer  receives  trap  configuration  changes. 

Specifies,  by  name,  the  configuration  file  that  contains 
information  about  the  translation  of  events  to  traps  and  trap 
destinations  you  want  to  configure. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  if  you  want  to  configure  traps  but  not  trap  destinations,  you  can  create  a  valid  configuration  file  by  using  Event 
to  Trap  Translator,  which  is  a  graphical  utility.  If  you  have  the  SNMP  service  installed,  you  can  start  Event  to  Trap 
Translator  by  typing  evntwin  at  a  command  prompt.  After  you  have  defined  the  traps  you  want,  click  Export  to 
create  a  file  suitable  for  use  with  evntcmd.  You  can  use  Event  to  Trap  Translator  to  easily  create  a  configuration 
file  and  then  use  the  configuration  file  with  evntcmd  at  the  command  prompt  to  quickly  configure  traps  on 
multiple  computers. 

•  The  syntax  for  configuring  a  trap  is  as  follows: 

#pragma  add  [  []] 

o  The  text  #pragma  must  appear  at  the  beginning  of  every  entry  in  the  file, 
o  The  parameter  add  specifies  that  you  want  to  add  an  event  to  trap  configuration. 


o  The  parameters  EventLogFile,  EventSource,  and  EventID  are  required.  The  parameter  EventLogFile 
specifies  the  file  in  which  the  event  is  recorded.  The  parameter  EventSource  specifies  the  application  that 
generates  the  event.  The  EventID  parameter  specifies  the  unique  number  that  identifies  each  event.  To 
find  out  what  values  correspond  to  particular  events,  start  Event  to  Trap  Translator  by  typing  evntwin  at 
a  command  prompt.  Click  Custom,  and  then  click  edit.  Linder  Event  Sources,  browse  the  folders  until 
you  locate  the  event  you  want  to  configure,  click  it,  and  then  click  add.  Information  about  the  event 
source,  the  event  log  file,  and  the  event  ID  appear  under  Source,  Log,  and  Trap  specific  ID,  respectively, 
o  The  Count  parameter  is  optional,  and  it  specifies  how  many  times  the  event  must  occur  before  a  trap 
message  is  sent.  If  you  do  not  use  the  Count  parameter,  the  trap  message  is  sent  after  the  event  occurs 
once. 

o  The  Period  parameter  is  optional,  but  it  requires  you  to  use  the  Count  parameter.  The  Period  parameter 
specifies  a  length  of  time  (in  seconds)  during  which  the  event  must  occur  the  number  of  times  specified 
with  the  Count  parameter  before  a  trap  message  is  sent.  If  you  do  not  use  the  Period  parameter,  a  trap 
message  is  sent  after  the  event  occurs  the  number  of  times  specified  with  the  Count  parameter,  no  matter 
how  much  time  elapses  between  occurrences. 

The  syntax  for  removing  a  trap  is  as  follows: 

#pragma  delete 

o  The  text  #pragma  must  appear  at  the  beginning  of  every  entry  in  the  file, 
o  The  parameter  delete  specifies  that  you  want  to  remove  an  event  to  trap  configuration, 
o  The  parameters  EventLogFile,  EventSource,  and  EventID  are  required.  The  parameter  EventLogFile 
specifies  the  log  in  which  the  event  is  recorded.  The  parameter  EventSource  specifies  the  application  that 
generates  the  event.  The  EventID  parameter  specifies  the  unique  number  that  identifies  each  event. 

The  syntax  for  configuring  a  trap  destination  is  as  follows: 

#pragma  add_TRAP_DEST 

o  The  text  #pragma  must  appear  at  the  beginning  of  every  entry  in  the  file. 

o  The  parameter  add_TRAP_DEST  specifies  that  you  want  trap  messages  to  be  sent  to  a  specified  host 
within  a  community. 

o  The  parameter  CommunityName  specifies,  by  name,  the  community  in  which  trap  messages  are  sent, 
o  The  parameter  HostID  specifies,  by  name  or  I P  address,  the  host  to  which  you  want  trap  messages  to  be 
sent. 

The  syntax  for  removing  a  trap  destination  is  as  follows: 

#pragma  delete_TRAP_DEST 

o  The  text  #pragma  must  appear  at  the  beginning  of  every  entry  in  the  file. 

o  The  parameter  delete_TRAP_DEST  specifies  that  you  do  not  want  trap  messages  to  be  sent  to  a  specified 
host  within  a  community. 

o  The  parameter  CommunityName  specifies,  by  name,  the  community  in  which  trap  messages  are  sent, 
o  The  parameter  HostID  specifies,  by  name  or  I P  address,  the  host  to  which  you  do  not  want  trap  messages 
to  be  sent. 

##  Examples 

The  following  examples  illustrate  entries  in  the  configuration  file  for  the  evntcmd  command.  They  are 
not  designed  to  be  typed  at  a  command  prompt. 

To  send  a  trap  message  if  the  Event  Log  service  is  restarted,  type: 

#pragma  add  System  "Eventlog"  2147489653 

To  send  a  trap  message  if  the  Event  Log  service  is  restarted  twice  in  three  minutes,  type: 

#pragma  add  System  "Eventlog"  2147489653  2  180 

To  stop  sending  a  trap  message  whenever  the  Event  Log  service  is  restarted,  type: 

#pragma  delete  System  "Eventlog"  2147489653 

To  send  trap  messages  within  the  community  named  Public  to  the  host  with  the  IP  address 
192.1 68.1 00.1 00,  type: 

#pragma  add_TRAP_DEST  public  192.168.100.100 


To  send  trap  messages  within  the  community  named  Private  to  the  host  named  Hostl,  type: 

#pragma  add_TRAP_DEST  private  Hostl 

To  stop  sending  trap  messages  within  the  community  named  Private  to  the  same  computer  on  which  you 
are  configuring  trap  destinations,  type: 

#pragma  delete_TRAP_DEST  private  localhost 
##  additional  references 
•  Command-Line  Syntax  Key 


exit 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


exits  the  Cmd.exe  program  (the  command  interpreter)  or  the  current  batch  script, 
for  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

exit  [/b]  [<exitCode>] 


Parameters 

PARAMETER  DESCRIPTION 


/b 


exits  the  current  batch  script  instead  of  exiting  Cmd.exe.  If 
executed  from  outside  a  batch  script,  exits  Cmd.exe. 


Specifies  a  numeric  number.  If  /b  is  specified,  the  ERRORLEVEL 
environment  variable  is  set  to  that  number.  If  you  are  quitting 
Cmd.exe,  the  process  exit  code  is  set  to  that  number 


/?  Displays  help  at  the  command  prompt. 


Examples 

To  close  the  command  interpreter,  Cmd.exe,  type: 

exit 


additional  references 


•  Command-Line  Syntax  Key 


expand 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


expands  one  or  more  compressed  files.  You  can  use  this  command  to  retrieve  compressed  files  from  distribution 
disks. 

Syntax 

expand  [/r ]  <source>  <destination> 

expand  /r  <source>  [<destination>] 

expand  /i  <source>  [<destination>] 

expand  /d  <source>.cab  [/f:<files>] 

expand  <sounce>.cab  /f:<files>  <destination> 


Parameters 


PARAMETER 

DESCRIPTION 

/r 

renames  expanded  files. 

source 

Specifies  the  files  to  expand.  Source  can  consist  of  a  drive  letter 
and  colon,  a  directory  name,  a  file  name,  or  a  combination  of 
these.  You  can  use  wildcards  (\*  or  ?). 

destination 

Specifies  where  files  are  to  be  expanded. 

if  source  consists  of  multiple  files  and  you  do  not  specify  /r, 
destination  must  be  a  directory. 

Destination  can  consist  of  a  drive  letter  and  colon,  a  directory 
name,  a  file  name,  or  a  combination  of  these. 

Destination  file  |  path  specification. 

/i 

renames  expanded  files  but  ignores  the  directory  structure. 

This  parameter  applies  to:  Windows  Server  2008  R2  and 

Windows  7  . 

/d 

Displays  a  list  of  files  in  the  source  location.  Does  not  expand 
or  extract  the  files. 

/f: 

Specifies  the  files  in  a  cabinet  (.cab)  file  that  you  want  to 
expand.  You  can  use  wildcards  (\*  or  ?). 

/? 

Displays  help  at  the  command  prompt. 

remarks 


Using  expand  at  the  recovery  Console 

The  expand  command,  with  different  parameters,  is  available  from  the  recovery  Console.  For  more  information 
about  the  recovery  Console,  see  article  314058  in  the  Microsoft  Knowledge  Base. 

##  additional  references 
Command-Line  Syntax  Key 


extract 


4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Syntax 

EXTRACT  [/Y]  [/A]  [/D  |  /E]  [/L  dir]  cabinet  [filename  ...] 
EXTRACT  [/Y]  source  [newname] 

EXTRACT  [/Y]  /C  source  destination 


Parameters 


PARAMETER 

DESCRIPTION 

cabinet 

File  contains  two  or  more  files. 

filename 

Name  of  the  file  to  extract  from  the  cabinet.  Wild  cards  and 
multiple  filenames  (separated  by  blanks)  may  be  used. 

source 

Compressed  file  (a  cabinet  with  only  one  file). 

newname 

New  filename  to  give  the  extracted  file.  If  not  supplied,  the 
original  name  is  used. 

/A 

Process  ALL  cabinets.  Follows  cabinet  chain  starting  in  first 
cabinet  mentioned. 

/c 

Copy  source  file  to  destination  (to  copy  from  DMF  disks). 

/D 

Display  cabinet  directory  (use  with  filename  to  avoid  extract). 

/E 

Extract  (use  instead  of.  to  extract  all  files). 

/L  dir 

Location  to  place  extracted  files  (default  is  current  directory). 

/Y 

Do  not  prompt  before  overwriting  an  existing  file. 

Additional  references 

Command-Line  Syntax  Key 


fc 

4/1 3/2018  •  4  min  to  read  •  Edit  Online 


Compares  two  files  or  sets  of  files  and  displays  the  differences  between  them. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fc  /a  [/c]  [ /I ]  [/lb<N>]  [/n]  [/off[line]]  [/t]  [ /u ]  [/w]  [/<NNNN>]  [<Drivel> : ] [<Pathl>] <FileNamel>  [<Drive2>:] 
[<Path2>]<FileName2> 

fc  /b  [<Drivel : >] [<Pathl>]<FileMamel>  [<Drive2: >] [<Path2>]<FileName2> 

Parameters 


PARAMETER 

DESCRIPTION 

/a 

Abbreviates  the  output  of  an  ASCII  comparison.  Instead  of 
displaying  all  of  the  lines  that  are  different,  fc  displays  only  the 
first  and  last  line  for  each  set  of  differences. 

/b 

Compares  the  two  files  in  binary  mode,  byte  by  byte,  and 
does  not  attempt  to  resynchronize  the  files  after  finding  a 
mismatch.  This  is  the  default  mode  for  comparing  files  that 
have  the  following  file  extensions:  .exe,  .com,  .sys,  .obj,  .lib,  or 
.bin. 

/c 

Ignores  the  letter  case. 

/I 

Compares  the  files  in  ASCII  mode,  line-by-line,  and  attempts 
to  resynchronize  the  files  after  finding  a  mismatch.  This  is  the 
default  mode  for  comparing  files,  except  files  with  the 
following  file  extensions:  .exe,  .com,  .sys,  .obj,  .lib,  or  .bin. 

/lb<N> 

Sets  the  number  of  lines  for  the  internal  line  buffer  to  N.  The 
default  length  of  the  line  buffer  is  100  lines.  If  the  files  that 
you  are  comparing  have  more  than  100  consecutive  differing 
lines,  fc  cancels  the  comparison. 

/n 

Displays  the  line  numbers  during  an  ASCII  comparison. 

/offfline] 

Does  not  skip  files  that  have  the  offline  attribute  set. 

/t 

Prevents  fc  from  converting  tabs  to  spaces.  The  default 
behavior  is  to  treat  tabs  as  spaces,  with  stops  at  each  eighth 
character  position. 

/u 

Compares  files  as  Unicode  text  files. 

PARAMETER 


DESCRIPTION 


/w 

Compresses  white  space  (that  is,  tabs  and  spaces)  during  the 
comparison.  If  a  line  contains  many  consecutive  spaces  or 
tabs,  /w  treats  these  characters  as  a  single  space.  When  used 
with  /w,  fc  ignores  white  space  at  the  beginning  and  end  of  a 
line. 

/<NNNN> 

Specifies  the  number  of  consecutive  lines  that  must  match 
following  a  mismatch,  before  fc  considers  the  files  to  be 
resynchronized.  If  the  number  of  matching  lines  in  the  files  is 
less  than  NNNN,  fc  displays  the  matching  lines  as  differences. 
The  default  value  is  2. 

[<  Drivel  >:][] 

Specifies  the  location  and  name  of  the  first  file  or  set  of  files  to 
compare.  FileNamel  is  required. 

[<  Drive2  > :][] 

Specifies  the  location  and  name  of  the  second  file  or  set  of  files 
to  compare.  FileName2  is  required. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Reporting  differences  between  files  for  an  ASCII  comparison 

When  you  use  fc  for  an  ASCII  comparison,  fc  displays  the  differences  between  two  files  in  the  following 
order: 

o  Name  of  the  first  file 

o  Lines  from  FileNamel  that  differ  between  the  files 
o  First  line  to  match  in  both  files 
o  Name  of  the  second  file 
o  Lines  from  FileName2  that  differ 
o  First  line  to  match 

•  Using /b  for  binary  comparisons 

/b  displays  mismatches  that  are  found  during  a  binary  comparison  in  the  following  syntax: 

\<XXXXXXXX:  YY  ZZ> 

The  value  of  XXXXXXXX  specifies  the  relative  hexadecimal  address  for  the  pair  of  bytes,  measured  from  the 
beginning  of  the  file.  Addresses  start  at  00000000.  The  hexadecimal  values  for  YY  and  ZZ  represent  the 
mismatched  bytes  from  FileNamel  and  FileName2,  respectively. 

•  Using  wildcard  characters 

You  can  use  wildcard  characters  (*  and  ?)  in  FileNamel  and  FileName2.  If  you  use  a  wildcard  in  FileNamel, 
fc  compares  all  the  specified  files  to  the  file  or  set  of  files  specified  by  FileName2.  If  you  use  a  wildcard  in 
FileName2,  fc  uses  the  corresponding  value  from  FileNamel. 

•  Working  with  memory 

When  comparing  ASCII  files,  fc  uses  an  internal  buffer  (large  enough  to  hold  100  lines)  as  storage.  If  the 
files  are  larger  than  the  buffer,  fc  compares  what  it  can  load  into  the  buffer.  If  fc  does  not  find  a  match  in  the 
loaded  portions  of  the  files,  it  stops  and  displays  the  following  message: 


Resynch  failed.  Files  are  too  different. 


When  comparing  binary  files  that  are  larger  than  the  available  memory,  fc  compares  both  files  completely, 
overlaying  the  portions  in  memory  with  the  next  portions  from  the  disk.  The  output  is  the  same  as  that  for 
files  that  fit  completely  in  memory. 

Examples 

To  make  an  ASCII  comparison  of  two  text  files,  Monthly.rpt  and  Sales. rpt,  and  display  the  results  in  abbreviated 
format,  type: 


fc  /a  monthly.rpt  sales. rpt 


To  make  a  binary  comparison  of  two  batch  files,  Profits.bat  and  Earnings.bat,  type: 


fc  /b  profits.bat  earnings.bat 


Results  similar  to  the  following  appear: 


00000002:  72  43 
00000004:  65  3A 
0000000E:  56  92 


000005E8 :  00  6E 

FC:  Earnings.bat  longer  than  Profits.bat 


If  the  Profits.bat  and  Earnings.bat  files  are  identical,  fc  displays  the  following  message: 


Comparing  files  Profits.bat  and  Earnings.bat 
FC:  no  differences  encountered 


To  compare  every  .bat  file  in  the  current  directory  with  the  file  New.bat,  type: 


fc  *.bat  new.bat 


To  compare  the  file  New.bat  on  drive  C  with  the  file  New.bat  on  drive  D,  type: 


fc  c: new. bat  d:*.bat 


To  compare  each  batch  file  in  the  root  directory  on  drive  C  to  the  file  with  the  same  name  in  the  root  directory  on 
drive  D,  type: 


fc  c:*.bat  d:*.bat 


Additional  references 

Command-Line  Syntax  Key 


find 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Searches  for  a  string  of  text  in  a  file  or  files,  and  displays  lines  of  text  that  contain  the  specified  string. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

find  [/v]  [/c]  [/n]  [/i]  [/off[line]]  "<String>"  [ [<Dnive> : ] [<Path>]<FileName>[ . . . ] ] 


Parameters 


PARAMETER 

DESCRIPTION 

/V 

Displays  all  lines  that  do  not  contain  the  specified  < String >. 

/C 

Counts  the  lines  that  contain  the  specified  <String>and 
displays  the  total. 

/n 

Precedes  each  line  with  the  file's  line  number. 

fi 

Specifies  that  the  search  is  not  case-sensitive. 

[/offfline]] 

Does  not  skip  files  that  have  the  offline  attribute  set. 

"<String>" 

Required.  Specifies  the  group  of  characters  (enclosed  in 
quotation  marks)  that  you  want  to  search  for. 

[<Drive>:][] 

Specifies  the  location  and  name  of  the  file  in  which  to  search 
for  the  specified  string. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Specifying  a  string 

If  you  do  not  use  /i,  find  searches  for  exactly  what  you  specify  for  String.  For  example,  the  find  command 
treats  the  characters  "a"  and  "A"  differently.  If  you  use  /i,  however,  find  is  not  case  sensitive,  and  it  treats  "a" 
and  "A"  as  the  same  character. 

If  the  string  you  want  to  search  for  contains  quotation  marks,  you  must  use  double  quotation  marks  for  each 
quotation  mark  contained  within  the  string  (for  example,  "This  ""string""  contains  quotation  marks"). 

•  Using  find  as  a  filter 

If  you  omit  a  file  name,  find  acts  as  a  filter,  taking  input  from  the  standard  input  source  (usually  the 
keyboard,  a  pipe  (|),  or  a  redirected  file)  and  then  displaying  any  lines  that  contain  String. 


•  Ordering  command  syntax 

You  can  type  parameters  and  command-line  options  for  the  find  command  in  any  order. 

•  Using  wildcards 

You  cannot  use  wildcards  (*  and  ?)  in  file  names  or  extensions  that  you  specify  with  the  find  command.  To 
search  for  a  string  in  a  set  of  files  that  you  specify  with  wildcards,  you  can  use  the  find  command  within  a 
for  command. 

•  Using /v  or /n  with /c 

If  you  use  /c  and  /v  in  the  same  command  line,  find  displays  a  count  of  the  lines  that  do  not  contain  the 
specified  string.  If  you  specify  /c  and  /n  in  the  same  command  line,  find  ignores  /n. 

•  Using  find  with  carriage  returns 

The  find  command  does  not  recognize  carriage  returns.  When  you  use  find  to  search  for  text  in  a  file  that 
includes  carriage  returns,  you  must  limit  the  search  string  to  text  that  can  be  found  between  carriage  returns 
(that  is,  a  string  that  is  not  likely  to  be  interrupted  by  a  carriage  return).  For  example,  find  does  not  report  a 
match  for  the  string  "tax  file"  if  a  carriage  return  occurs  between  the  words  "tax"  and  "file." 

Examples 

To  display  all  lines  from  Pencil.ad  that  contain  the  string  "Pencil  Sharpener",  type: 

find  "Pencil  Sharpener"  pencil.ad 

To  find  a  string  that  contains  text  within  quotation  marks,  you  must  enclose  the  entire  string  in  quotation  marks. 
Then  you  must  use  two  quotation  marks  for  each  quotation  mark  contained  within  the  string.  To  find  "The  scientists 
labeled  their  paper  "for  discussion  only."  It  is  not  a  final  report."  in  Report.doc,  type: 

find  "The  scientists  labeled  their  paper  ""for  discussion  only.""  It  is  not  a  final  report."  report.doc 

If  you  want  to  search  for  a  set  of  files,  you  can  use  the  find  command  within  the  for  command.  To  search  the 
current  directory  for  files  that  have  the  extension  .bat  and  that  contain  the  string  "PROMPT",  type: 

for  %f  in  (*.bat)  do  find  "PROMPT"  %f 

To  search  your  hard  disk  to  find  and  display  the  file  names  on  drive  C  that  contain  the  string  "CPU",  use  the  pipe  (|) 
to  direct  the  output  of  the  dir  command  to  the  find  command  as  follows: 

dir  c:\  /s  /b  |  find  "CPU" 

Because  find  searches  are  case-sensitive  and  dir  produces  uppercase  output,  you  must  either  type  the  string 
"CPU"  in  uppercase  letters  or  use  the  /i  command-line  option  with  find. 

Additional  references 


Command-Line  Syntax  Key 


findstr 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Searches  for  patterns  of  text  in  files. 

For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 

findstr  [/b]  [/e]  [/I  |  /r ]  [/s]  [/i]  [/x]  [/v]  [/n]  [/m]  [/o]  [/p]  [/f:<File>]  [/c : <String>]  [/g:<File>]  [/d : 
<DirList>]  [/a : <ColorAttribute>]  [/off[line]]  <Strings>  [<Drive> : ] [<Path>]<FileName>[  ...] 


Parameters 


PARAMETER 

DESCRIPTION 

/b 

Matches  the  text  pattern  if  it  is  at  the  beginning  of  a  line. 

/e 

Matches  the  text  pattern  if  it  is  at  the  end  of  a  line. 

/I 

Processes  search  strings  literally. 

/r 

Processes  search  strings  as  regular  expressions.  This  is  the 
default  setting. 

/s 

Searches  the  current  directory  and  all  subdirectories. 

/i 

Ignores  the  case  of  the  characters  when  searching  for  the 
string. 

/x 

Prints  lines  that  match  exactly. 

/v 

Prints  only  lines  that  do  not  contain  a  match. 

/n 

Prints  the  line  number  of  each  line  that  matches. 

/m 

Prints  only  the  file  name  if  a  file  contains  a  match. 

/o 

Prints  character  offset  before  each  matching  line. 

/P 

Skips  files  with  non-printable  characters. 

/off[line] 

Does  not  skip  files  that  have  the  offline  attribute  set. 

/f:<  File> 

Gets  a  file  list  from  the  specified  file. 

/c:<String> 

Uses  the  specified  text  as  a  literal  search  string. 

PARAMETER 


DESCRIPTION 


/g:  <  File> 

Gets  search  strings  from  the  specified  file. 

/d:<  DirList> 

Searches  the  specified  list  of  directories.  Each  directory  must 
be  separated  with  a  semicolon  0,  for  example 

dirl; dir2j dir3  . 

/a:  <  ColorAttribute> 

Specifies  color  attributes  with  two  hexadecimal  digits.  Type 
color  /?  for  additional  information. 

<Strings> 

Specifies  the  text  to  search  for  in  FileName.  Required. 

[<  Drive> :][][ ...] 

Specifies  the  location  and  file  or  files  to  search.  At  least  one  file 
name  is  required. 

/? 

Displays  Help  at  the  command  prompt. 

Remarks 

•  All  findstr  command-line  options  must  precede  Strings  and  FileName  in  the  command  string. 

•  Regular  expressions  use  both  literal  characters  and  metacharacters  to  find  patterns  of  text,  rather  than  exact 
strings  of  characters.  A  literal  character  is  a  character  that  does  not  have  a  special  meaning  in  the  regular- 
expression  syntax — it  matches  an  occurrence  of  that  character.  For  example,  letters  and  numbers  are  literal 
characters.  A  metacharacter  is  a  symbol  with  special  meaning  (an  operator  or  delimiter)  in  the  regular- 
expression  syntax. 

The  following  table  lists  the  metacharacters  that  findstr  accepts. 

METACHARACTER 

VALUE 

Wildcard:  any  character 

k 

Repeat:  zero  or  more  occurrences  of  the  previous  character 
or  class 

A 

Line  position:  beginning  of  the  line 

$ 

Line  position:  end  of  the  line 

[class] 

Character  class:  any  one  character  in  a  set 

[A  class] 

Inverse  class:  any  one  character  not  in  a  set 

[x-y] 

Range:  any  characters  within  the  specified  range 

\x 

Escape:  literal  use  of  a  metacharacter  x 

\<string 

Word  position:  beginning  of  the  word 

string> 

Word  position:  end  of  the  word 

The  special  characters  in  regular  expression  syntax  have  the  most  power  when  you  use  them  together.  For 


example,  use  the  following  combination  of  the  wildcard  character  (.)  and  repeat  (*)  character  to  match  any 
string  of  characters: 


.  * 

Use  the  following  expression  as  part  of  a  larger  expression  to  match  any  string  beginning  with  "b"  and 
ending  with  "ing": 

b.*ing 


Examples 

Use  spaces  to  separate  multiple  search  strings  unless  the  argument  is  prefixed  with  /c. 

To  search  for  "hello"  or  "there"  in  file  x.y,  type: 

findstr  "hello  there"  x.y 

To  search  for  "hello  there"  in  file  x.y,  type: 
findstr  /c: "hello  there"  x.y 

To  find  all  occurrences  of  the  word  "Windows"  (with  an  initial  capital  letter  W)  in  the  file  Proposal.txt,  type: 
findstr  Windows  proposal.txt 

To  search  every  file  in  the  current  directory  and  all  subdirectories  that  contained  the  word  Windows,  regardless  of 
the  letter  case,  type: 

findstr  /s  /i  Windows  *.* 

To  find  all  occurrences  of  lines  that  begin  with  "FOR"  and  are  preceded  by  zero  or  more  spaces  (as  in  a  computer 
program  loop),  and  to  display  the  line  number  where  each  occurrence  is  found,  type: 

findstr  /b  /n  /r  /c:"A  *FOR"  *.bas 

To  search  for  multiple  strings  in  a  set  of  files,  create  a  text  file  that  contains  each  search  criterion  on  a  separate  line. 
You  can  also  list  the  exact  files  that  you  want  to  search  in  a  text  file.  For  example,  to  use  the  search  criteria  in  the  file 
Stringlist.txt,  search  the  files  listed  in  Filelist.txt,  and  then  store  the  results  in  the  file  Results.out,  type: 

findstr  /g: stringlist.txt  /f ifilelist.txt  >  results.out 

To  list  every  file  containing  the  word  "computer"  within  the  current  directory  and  all  subdirectories,  regardless  of 
case,  type: 

findstr  /s  /i  /m  "\<computer\>"  *.* 

To  list  every  file  containing  the  word  "computer"  and  any  other  words  that  begin  with  "comp",  (such  as 
"compliment"  and  "compete"),  type: 


findstr  /s  /i  /m  "\<comp.*"  *.* 


Additional  references 

Command-Line  Syntax  Key 


finger 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Displays  information  about  a  user  or  users  on  a  specified  remote  computer  (typically  a  computer  running  UNIX) 
that  is  running  the  finger  service  or  daemon.  The  remote  computer  specifies  the  format  and  output  of  the  user 
information  display.  Used  without  parameters,  finger  displays  help. 

Syntax 

finger  [-1]  [<User>]  [@<Host>]  [...] 

Parameters 

PARAMETER  DESCRIPTION 

-I  Displays  user  information  in  long  list  format. 

Specifies  the  user  about  which  you  want  information.  If  you 
omit  the  User  parameter,  finger  displays  information  about  all 
users  on  the  specified  computer. 

@  Specifies  the  remote  computer  running  the  finger  service 

where  you  are  looking  for  user  information.  You  can  specify  a 
computer  name  or  IP  address. 

/?  Displays  help  at  the  command  prompt. 

remarks 

Multiple  User@Host  parameters  can  be  specified.  You  must  prefix  finger  parameters  with  a  hyphen  (-)  rather  than 
a  slash  (/).  This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in 
the  properties  of  a  network  adapter  in  Network  Connections.  The  Windows  Server  2003  does  not  provide  a  finger 
service. 

Examples 

To  display  information  for  userl  on  the  computer  users.microsoft.com,  type: 
finger  userl@users.microsoft.com 

To  display  information  for  all  users  on  the  computer  users.microsoft.com,  type: 
finger  @users. microsoft.com 


additional  references 

•  Command-Line  Syntax  Key 


flattemp 

10/24/2017  •  2  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Enables  or  disables  flat  temporary  folders,  for  examples  of  how  to  use  this  command,  see  Examples. 

NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 

version,  see  What  s  New  in  remote  Desktop  Services  in 

Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

Syntax 

flattemp  {/query  |  /enable  |  /disable} 

Parameters 

PARAMETER 

DESCRIPTION 

/query 

Queries  the  current  setting. 

/enable 

Enables  flat  temporary  folders.  Users  will  share  the  temporary 
folder  unless  the  temporary  folder  resides  in  the  user  s  home 
folder. 

/disable 

Disables  flat  temporary  folders.  Each  user  s  temporary  folder 
will  reside  in  a  separate  folder  (determined  by  the  user  s 

Session  ID). 

/?  Displays  help  at  the  command  prompt. 


remarks 

•  The  flattemp  command  is  only  available  when  you  have  installed  the  Terminal  Server  role  service  on  a 
computer  running  Windows  Server  2008  or  the  rd  Session  Host  role  service  on  a  computer  running  Windows 
Server  2008  R2. 

•  You  must  have  administrative  credentials  to  run  flattemp. 

•  After  each  user  has  a  unique  temporary  folder,  use  flattemp  /enable  to  enable  flat  temporary  folders. 

•  The  default  method  for  creating  temporary  folders  for  multiple  users  (usually  pointed  to  by  the  TEMP  and  TMP 
environment  variables)  is  to  create  subfolders  in  the  \Temp  folder,  by  using  the  logonID  as  the  subfolder  name. 
For  example,  if  the  TEMP  environment  variable  points  to  C:\Temp,  the  temporary  folder  assigned  to  the  user 
logonID  4  is  C:\Temp\4.  Using  flattemp,  you  can  point  directly  to  the\Temp  folder  and  prevent  subfolders 
from  forming.  This  is  useful  when  you  want  the  user  temporary  folders  to  be  contained  in  home  folders, 
whether  on  an  rd  Session  Host  server  local  drive  or  on  a  shared  network  drive.  You  should  use  the  flattemp 
/enable  command  only  when  each  user  has  a  separate  temporary  folder. 


•  You  might  encounter  application  errors  if  the  user's  temporary  folder  is  on  a  network  drive.  This  occurs  when 
the  shared  network  drive  becomes  momentarily  inaccessible  on  the  network.  Because  the  temporary  files  of  the 
application  are  either  inaccessible  or  out  of  synchronization,  it  responds  as  if  the  disk  has  stopped.  Moving  the 
temporary  folder  to  a  network  drive  is  not  recommended.  The  default  is  to  keep  temporary  folders  on  the  local 
hard  disk.  If  you  experience  unexpected  behavior  or  disk-corruption  errors  with  certain  applications,  stabilize 
your  network  or  move  the  temporary  folders  back  to  the  local  hard  disk. 

•  if  you  disable  using  separate  temporary  folders  per-session,  flattemp  settings  are  ignored.  This  option  is  set  in 
the  remote  Desktop  Services  Configuration  tool. 

Examples 

•  To  display  the  current  setting  for  flat  temporary  folders,  type:  flattemp  /query 

•  To  enable  flat  temporary  folders,  type: 

•  To  disable  flat  temporary  folders,  type: 

additional  references 

Command-Line  Syntax  Key 

remote  Desktop  Services  (Terminal  Services)  Command  Reference 


flattemp  /enable 
flattemp  /disable 


fondue 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Enables  Windows  optional  features  by  downloading  required  files  from  Windows  Update  or  another  source 
specified  by  Group  Policy.  The  manifest  file  for  the  feature  must  already  be  installed  in  your  Windows  image. 

Syntax 

fondue.exe  /enable-feature :<feature_name>  [/caller-name:<program_name>]  [/hide-ux: {all  |  rebootRequest}] 


Parameters 

PARAMETER  DESCRIPTION 

/enable-featur e:<feature_name>  Specifies  the  name  of  the  Windows  optional  feature  you  want 

to  enable.  You  can  only  enable  one  feature  per  command  line. 
To  enable  multiple  features,  use  fondue.exe  for  each  feature. 


/ca\\er-narr\e:<program_name>  Specifies  the  program  or  process  name  when  you  call 

fondue.exe  from  a  script  or  batch  file.  You  can  use  this  option 
to  add  the  program  name  to  the  SQM  report  if  there  is  an 
error. 


/hide-ux:{all  |  rebootRequest}  Use  all  to  hide  all  messages  to  the  user  including  progress 

and  permission  requests  to  access  Windows  Update.  If 
permission  is  required,  the  operation  will  fail. 

Use  rebootRequest  to  only  hide  user  messages  asking  for 
permission  to  reboot  the  computer.  Use  this  option  if  you 
have  a  script  that  controls  reboot  requests. 


Examples 

To  enable  Microsoft  .NET  Framework  3.5,  type: 

fondue . exe  /enable-feature : NETFX3 


To  enable  Microsoft  .NET  Framework  3.5,  add  the  program  name  to  the  SQM  report,  and  not  display  messages  to 
the  user,  type: 

fondue.exe  /enable-feature :NETFX3  /caller-name:Admin.bat  /hide-ux:all 


additional  references 


•  Command-Line  Syntax  Key  ##  See  Also  Microsoft  .NET  Framework  3.5  Deployment  Considerations 


for 

4/13/2018  •  8  min  to  read  •  Edit  Online 

Runs  a  specified  command  for  each  file  in  a  set  of  files. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

for  {%%|%}<Variable>  in  (<Set>)  do  <Command>  [<CommandLineOptions>] 

Parameters 

PARAMETER 

DESCRIPTION 

{%% 

%}<Variable> 

(<Set>) 

Required.  Specifies  one  or  more  files,  directories,  or  text  strings, 
or  a  range  of  values  on  which  to  run  the  command.  The 
parentheses  are  required. 

<Command> 

Required.  Specifies  the  command  that  you  want  to  carry  out 
on  each  file,  directory,  or  text  string,  or  on  the  range  of  values 
included  in  Set. 

<CommandLineOptions> 

Specifies  any  command-line  options  that  you  want  to  use  with 
the  specified  command. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Using  for 

You  can  use  the  for  command  within  a  batch  file  or  directly  from  the  command  prompt. 

•  Using  batch  parameters 

The  following  attributes  apply  to  the  for  command: 

o  The  for  command  replaces  %Variable  or  %%Variable  with  each  text  string  in  the  specified  set  until  the 
specified  command  processes  all  of  the  files. 

o  Variable  names  are  case  sensitive,  global,  and  no  more  than  52  can  be  active  at  a  time. 

o  To  avoid  confusion  with  the  batch  parameters  %0  through  %9,  you  can  use  any  character  for  Variable 
except  the  numerals  0  through  9.  For  simple  batch  files,  a  single  character  such  as  %%f  will  work. 

o  You  can  use  multiple  values  for  Variable  in  complex  batch  files  to  distinguish  different  replaceable 
variables. 

•  Specifying  a  group  of  files 

The  Set  parameter  can  represent  a  single  group  of  files  or  several  groups  of  files.  You  can  use  wildcard 


characters  (*  and  ?)  to  specify  a  file  set.  The  following  are  valid  file  sets: 


(* . doc) 

(*.doc  *.txt  *.me) 

(jan*.doc  jan*.rpt  feb*.doc  feb*.rpt) 

(ar??1991.*  ap??1991.*) 

When  you  use  the  for  command,  the  first  value  in  Set  replaces  %Variable  or  %%Variable,  and  then  the 
specified  command  processes  this  value.  This  continues  until  all  of  the  files  (or  groups  of  files)  that 
correspond  to  the  Set  value  are  processed. 

Using  the  in  and  do  keywords 

In  and  do  are  not  parameters,  but  you  must  use  them  with  for.  If  you  omit  either  of  these  keywords,  an 
error  message  appears. 

Using  additional  forms  of  for 

If  command  extensions  are  enabled  (that  is  the  default),  the  following  additional  forms  of  for  are  supported: 
o  Directories  only 

If  Set  contains  wildcard  characters  (*  or  ?),  the  specified  Command  executes  for  each  directory 
(instead  of  a  set  of  files  in  a  specified  directory)  that  matches  Set. 

The  syntax  is: 

for  /d  {%%|%}<Variable>  in  (<Set>)  do  <Command>  [<CommandLineOptions>] 

o  Recursive 

Walks  the  directory  tree  that  is  rooted  at  Drive:Path  and  executes  the  for  statement  in  each  directory 
of  the  tree.  If  no  directory  is  specified  after  /r,  the  current  directory  is  used  as  the  root  directory.  If  Set 
is  just  a  single  period  (.),  it  only  enumerates  the  directory  tree. 

The  syntax  is: 

for  /r  [[<Drive>: ]<Path>]  {%%|%}<Variable>  in  (<Set>)  do  <Command>  [<CommandLineOptions>] 
o  Iterating  a  range  of  values 

Use  an  iterative  variable  to  set  the  starting  value  (Start#)  and  then  step  through  a  set  range  of  values 
until  the  value  exceeds  the  set  ending  value  (End#).  /I  will  execute  the  iterative  by  comparing  Start# 
with  End#.  If  Start#  is  less  than  End#  the  command  will  execute.  When  the  iterative  variable  exceeds 
End#,  the  command  shell  exits  the  loop.  You  can  also  use  a  negative  Step#  to  step  through  a  range  in 
decreasing  values.  For  example,  (1,1,5)  generates  the  sequence  1  2  3  4  5  and  (5, -1,1)  generates  the 
sequence  5  4  3  2  1. 

The  syntax  is: 

for  /I  {%%|%}<Variable>  in  (<Start#>,<Step#>,<End#>)  do  <Command>  [<Commandl_ineOptions>] 
o  Iterating  and  file  parsing 

Use  file  parsing  to  process  command  output,  strings,  and  file  content.  Use  iterative  variables  to  define 
the  content  or  strings  that  you  want  to  examine,  and  use  the  various  ParsingKeywords  options  to 


further  modify  the  parsing.  Use  the  Parsing  Keywords  token  option  to  specify  which  tokens  should  be 
passed  as  iterative  variables.  Note  that  when  used  without  the  token  option,  /f  will  only  examine  the 
first  token. 

File  parsing  consists  of  reading  the  output,  string,  or  file  content,  and  then  breaking  it  into  individual 
lines  of  text  and  parsing  each  line  into  zero  or  more  tokens.  The  for  loop  is  then  called  with  the 
iterative  variable  value  set  to  the  token.  By  default,  /f  passes  the  first  blank  separated  token  from  each 
line  of  each  file.  Blank  lines  are  skipped. 

The  syntaxes  are: 

for  /f  ["<ParsingKeywords>"]  {%%|%}<Variable>  in  (<Set>)  do  <Command>  [<CommandLineOptions>] 
for  /f  ["ParsingKeywords"]  {%%|%}<Variable>  in  ("<LiteralString>")  do  <Command> 
[<CommandLineOptions>] 

for  /f  ["<ParsingKeywords>"]  {%%|%}<Variable>  in  ( ' <Command> ' )  do  <Command> 

[<Commandl_ineOptions>] 


The  Set  argument  specifies  one  or  more  file  names.  Each  file  is  opened,  read,  and  processed  before 
moving  to  the  next  file  in  Set.  To  override  the  default  parsing  behavior,  specify  ParsingKeywords.  This 
is  a  quoted  string  that  contains  one  or  more  keywords  to  specify  different  parsing  options. 

If  you  use  the  usebackq  option,  use  one  of  the  following  syntaxes: 

for  /f  ["usebackq  <ParsingKeywords>" ]  {%%|%}<Variable>  in  (<Set>)  do  <Command> 
[<CommandLineOptions>] 

for  /f  ["usebackq  <ParsingKeywords>" ]  {%%|%}<Variable>  in  ("<LiteralString>")  do  <Command> 
[<CommandLineOptions>] 

for  /f  ["usebackq  <ParsingKeywords>" ]  {%%|%}<Variable>  in  ( ' <Command> ' )  do  <Command> 
[<CommandLineOptions>] 


The  following  table  lists  the  parsing  keywords  that  you  can  use  for  ParsingKeywords. 


KEYWORD 

DESCRIPTION 

eol=<c> 

Specifies  an  end  of  line  character  (just  one  character). 

skip=<N> 

Specifies  the  number  of  lines  to  skip  at  the  beginning 
of  the  file. 

delims=<xxx> 

Specifies  a  delimiter  set.  This  replaces  the  default 
delimiter  set  of  space  and  tab. 

tokens  =<X,Y,M-N> 

Specifies  which  tokens  from  each  line  are  to  be  passed 
to  the  for  loop  for  each  iteration.  As  a  result, 
additional  variable  names  are  allocated.  M-N  specifies 
a  range,  from  the  Mth  through  the  A/th  tokens.  If  the 
last  character  in  the  tokens^  string  is  an  asterisk  (*), 
an  additional  variable  is  allocated,  and  it  receives  the 
remaining  text  on  the  line  after  the  last  token  that  is 
parsed. 

usebackq 

Specifies  to  execute  a  back-quoted  string  as  a 
command,  and  a  single-quoted  string  as  a  literal  string 
command.  Also,  allows  file  names  in  Set  to  be  enclosed 
in  quotation  marks. 

o  Variable  substitution 


The  following  table  lists  optional  syntax  (for  any  variable  I). 


VARIABLE  WITH  MODIFIER 

DESCRIPTION 

%~l 

Expands  %l  which  removes  any  surrounding  quotation 
marks  (" "). 

%~fl 

Expands  %l  to  a  fully  qualified  path  name. 

%~dl 

Expands  %l  to  a  drive  letter  only. 

%~pl 

Expands  %l  to  a  path  only. 

%~nl 

Expands  %l  to  a  file  name  only. 

%~xl 

Expands  %l  to  a  file  name  extension  only. 

%~sl 

Expands  path  to  contain  short  names  only. 

%~al 

Expands  %l  to  the  file  attributes  of  file. 

%~tl 

Expands  %l  to  the  date  and  time  of  file. 

%~zi 

Expands  %l  to  the  size  of  the  file. 

%~$PATH:I 

Searches  the  directories  listed  in  the  PATH 
environment  variable  and  expands  %l  to  the  fully 
qualified  name  of  the  first  directory  found.  If  the 
environment  variable  name  is  not  defined  or  the  file  is 
not  found  by  the  search,  this  modifier  expands  to  the 
empty  string. 

The  following  table  lists  modifier  combinations  that  you  can  use  to  get  compound  results. 

VARIABLE  WITH  COMBINED  MODIFIERS 

DESCRIPTION 

%~dpi 

Expands  %l  to  a  drive  letter  and  path  only. 

%~nxl 

Expands  %l  to  a  file  name  and  extension  only. 

%~fsi 

Expands  %l  to  a  full  path  name  with  short  names  only. 

%~dp$PATH:l 

Searches  the  directories  that  are  listed  in  the  PATH 
environment  variable  for  %l  and  expands  to  the  drive 
letter  and  path  of  the  first  one  found. 

%~ftzal 

Expands  %l  to  an  output  line  that  is  like  dir. 

In  the  above  examples,  you  can  replace  %l  and  PATH  with  other  valid  values.  A  valid  for  variable 
name  terminates  the  %~  syntax. 

By  using  uppercase  variable  names  such  as  %l,  you  can  make  your  code  more  readable  and  avoid 
confusion  with  the  modifiers,  which  are  not  case  sensitive. 


Parsing  a  string 


You  can  use  the  for/f  parsing  logic  on  an  immediate  string  by  wrapping  Set  in  single  quotes— for  example, 
('Set').  Set  is  treated  as  a  single  line  of  input  from  a  file,  and  then  it  is  parsed. 

•  Parsing  output 

You  can  use  the  for/f  command  to  parse  the  output  of  a  command  by  making  a  back-quoted  string  from 
the  Set  between  the  parentheses.  It  is  treated  as  a  command  line,  which  is  passed  to  a  child  Cmd.exe.  The 
output  is  captured  into  memory  and  parsed  as  if  it  is  a  file. 

Examples 

To  use  for  in  a  batch  file,  use  the  following  syntax: 

for  {%%|%}<Variable>  in  (<Set>)  do  <Command>  [<CommandLineOptions>] 

To  display  the  contents  of  all  the  files  in  the  current  directory  that  have  the  extension  .doc  or  .txt  by  using  the 
replaceable  variable  %f,  type: 

for  %f  in  (*.doc  *.txt)  do  type  %f 

In  the  preceding  example,  each  file  that  has  the  .doc  or  .txt  extension  in  the  current  directory  is  substituted  for  the 
%f  variable  until  the  contents  of  every  file  are  displayed.  To  use  this  command  in  a  batch  file,  replace  every 
occurrence  of  %f  with  %%f.  Otherwise,  the  variable  is  ignored  and  an  error  message  is  displayed. 

To  parse  a  file,  ignoring  commented  lines,  type: 

for  /f  "eol=;  tokens=2,3*  delims=,"  %i  in  (myfile.txt)  do  @echo  %i  %j  %k 

This  command  parses  each  line  in  Myfile.txt.  It  ignores  lines  that  begin  with  a  semicolon  and  passes  the  second  and 
third  token  from  each  line  to  the  for  body  (tokens  are  delimited  by  commas  or  spaces).  The  body  of  the  for 
statement  references  %i  to  get  the  second  token,  %j  to  get  the  third  token,  and  %k  to  get  all  of  the  remaining 
tokens.  If  the  file  names  that  you  supply  contain  spaces,  use  quotation  marks  around  the  text  (for  example,  "File 
Name").  To  use  quotation  marks,  you  must  use  usebackq.  Otherwise,  the  quotation  marks  are  interpreted  as 
defining  a  literal  string  to  parse. 

%i  is  explicitly  declared  in  the  for  statement.  %j  and  %k  are  implicitly  declared  by  using  tokens=.  You  can  use 
tokens=  to  specify  up  to  26  tokens,  provided  that  it  does  not  cause  an  attempt  to  declare  a  variable  higher  than  the 
letter  "z"  or  "Z." 

The  following  example  enumerates  the  environment  variable  names  in  the  current  environment.  To  parse  the 
output  of  a  command  by  placing  Set  between  the  parentheses,  type: 

for  /f  "usebackq  delims=="  %i  in  ('set')  do  @echo  %i 

Additional  references 


Command-Line  Syntax  Key 


forfiles 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Selects  and  executes  a  command  on  a  file  or  set  of  files.  This  command  is  useful  for  batch  processing 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

forfiles  [/p  <Path>]  [/m  <SearchMask>]  [/s ]  [/c  "<Command>"]  [/d  [{+ I -}] [{<Date> | <Days>}] ] 

Parameters 


PARAMETER 

DESCRIPTION 

/p  <Path> 

Specifies  the  path  from  which  to  start  the  search.  By  default, 
searching  starts  in  the  current  working  directory. 

/m  <SearchMask> 

Searches  files  according  to  the  specified  search  mask.  The 
default  search  mask  is  *.\*. 

/s 

Instructs  the  forfiles  command  to  search  into  subdirectories 
recursively. 

/c  "<Command>" 

Runs  the  specified  command  on  each  file.  Command  strings 
should  be  enclosed  in  quotation  marks.  The  default  command 

is  "cmd  /c  echo  @file". 

/d  [{+  |-}]l[{<  Date>  |l  <  Days>}] 

Selects  files  with  a  last  modified  date  within  the  specified  time 
frame. 

-  Selects  files  with  a  last  modified  date  later  than  or  equal  to 
(+)  or  earlier  than  or  equal  to  (-)  the  specified  date,  where 
Date  is  in  the  format  MM/DD/YYYY. 

-  Selects  files  with  a  last  modified  date  later  than  or  equal  to 
(+)  the  current  date  plus  the  number  of  days  specified,  or 
earlier  than  or  equal  to  (-)  the  current  date  minus  the  number 
of  days  specified. 

-  Valid  values  for  Days  include  any  number  in  the  range  0- 
32,768.  If  no  sign  is  specified,  +  is  used  by  default. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Forfiles  is  most  commonly  used  in  batch  files. 

•  Forfiles /s  is  similar  to  dir/s. 

•  You  can  use  the  following  variables  in  the  command  string  as  specified  by  the  /c  command-line  option. 


VARIABLE 


DESCRIPTION 


@FILE 

File  name. 

@FNAME 

File  name  without  extension. 

@EXT 

File  name  extension. 

@PATH 

Full  path  of  the  file. 

@RELPATH 

Relative  path  of  the  file. 

@ISDIR 

Evaluates  to  TRUE  if  a  file  type  is  a  directory.  Otherwise,  this 
variable  evaluates  to  FALSE. 

@FSIZE 

File  size,  in  bytes. 

@FDATE 

Last  modified  date  stamp  on  the  file. 

@FTIME 

Last  modified  time  stamp  on  the  file. 

•  With  forfiles,  you  can  run  a  command  on  or  pass  arguments  to  multiple  files.  For  example,  you  could  run  the 
type  command  on  all  files  in  a  tree  with  the  .txt  file  name  extension.  Or  you  could  execute  every  batch  file  (*.bat) 
on  drive  C,  with  the  file  name  "Myinput.txt"  as  the  first  argument. 

•  With  forfiles,  you  can  do  any  of  the  following: 

o  Select  files  by  an  absolute  date  or  a  relative  date  by  using  the  /d  parameter, 
o  Build  an  archive  tree  of  files  by  using  variables  such  as  @FSIZE  and  @FDATE. 
o  Differentiate  files  from  directories  by  using  the  @ISDIR  variable. 

o  Include  special  characters  in  the  command  line  by  using  the  hexadecimal  code  for  the  character,  in  Ox/-//-/ 
format  (for  example,  0x09  for  a  tab). 

•  Forfiles  works  by  implementing  the  recurse  subdirectories  flag  on  tools  that  are  designed  to  process  only  a 
single  file. 

Examples 

To  list  all  of  the  batch  files  on  drive  C,  type: 

forfiles  /p  c:\  /s  /m  *.bat  / c  "cmd  /c  echo  @file  is  a  batch  file" 

To  list  all  of  the  directories  on  drive  C,  type: 

forfiles  /p  c:\  /s  /m  *.*  /c  "cmd  /c  if  @isdir==true  echo  @file  is  a  directory" 

To  list  all  of  the  files  in  the  current  directory  that  are  at  least  one  year  old,  type: 

forfiles  /s  /m  *.*  /d  -365  /c  "cmd  /c  echo  @file  is  at  least  one  year  old." 

To  display  the  text  "File  is  outdated"  for  each  of  the  files  in  the  current  directory  that  are  older  than  January  1,  2007, 
type: 


forfiles  /s  /m  *.*  /d  -01/01/2007  /c  "cmd  /c  echo  @file  is  outdated." 


To  list  the  file  name  extensions  of  all  the  files  in  the  current  directory  in  column  format,  and  add  a  tab  before  the 
extension,  type: 


forfiles  /s  /m  *.*  /c  "cmd  /c  echo  The  extension  of  @file  is  0x09@ext" 


Additional  references 

Command-Line  Syntax  Key 


Format 

1 0/24/2017  •  5  min  to  read  •  Edit  Online 


Applies  To:  Windows  10,  Windows  Server  2016 


Formats  a  disk  to  accept  Windows  files. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

format  <Volume>  [/fs : {FAT| FAT32 | NTFS}]  [/v:<Label>]  [/q]  [/a : <UnitSize>]  [/c]  [/x]  [/p:<Passes>] 

format  <Volume>  [/v:<Label>]  [ /q ]  [/f:<Size>]  [/p : <Passes>] 

format  <Volume>  [/v:<Label>]  [/q]  [/t:<Tracks>  /n : <Sectors>]  [/p:<Passes>] 

format  <Volume>  [/v:<Label>]  [/q]  [/p:<Passes>] 

format  <Volume>  [/q] 


Parameters 

PARAMETER  DESCRIPTION 


<Volume>  Specifies  the  mount  point,  volume  name,  or  drive  letter 

(followed  by  a  colon)  of  the  drive  that  you  want  to  format.  If 
you  do  not  specify  any  of  the  following  command-line  options, 
format  uses  the  volume  type  to  determine  the  default  format 
for  the  disk. 


/fs:{FAT 


FAT32 


/v:<Label>  Specifies  the  volume  label.  If  you  omit  the /v  command-line 

option  or  use  it  without  specifying  a  volume  label,  format 
prompts  you  for  the  volume  label  after  the  formatting  is 
complete.  Use  the  syntax /v:  to  prevent  the  prompt  for  a 
volume  label.  If  you  use  a  single  format  command  to  format 
more  than  one  disk,  all  of  the  disks  will  be  given  the  same 
volume  label. 


/a:<UnitSize> 


Specifies  the  allocation  unit  size  to  use  on  FAT,  FAT32,  or  NTFS 
volumes.  If  you  do  not  specify  UnitSize,  it  is  chosen  based  on 
volume  size.  Default  settings  are  strongly  recommended  for 
general  use.  The  following  list  presents  valid  values  for  NTFS, 
FAT,  and  FAT32  UnitSize: 

512 

1024 

2048 

4096 

8192 

16K 

32K 

64  K 


FAT  and  FAT32  also  support  128K  and  256K  for  a  sector  size 
greater  than  512  bytes. 


PARAMETER 


DESCRIPTION 


/q 

Performs  a  quick  format.  Deletes  the  file  table  and  the  root 
directory  of  a  previously  formatted  volume,  but  does  not 
perform  a  sector-by-sector  scan  for  bad  areas.  You  should  use 
the  /q  command-line  option  to  format  only  previously 
formatted  volumes  that  you  know  are  in  good  condition.  Note 
that  /q  overrides  /p. 

/f:<Size> 

Specifies  the  size  of  the  floppy  disk  to  format.  When  possible, 
use  this  command-line  option  instead  of  the  /t  and  /n 
command-line  options.  Windows  accepts  the  following  values 
for  size: 

-  1440  or  1440k  or  1440kb 

-  1 .44  or  1 ,44m  or  1 ,44mb 

-  1.44-MB,  double-sided,  quadruple-density,  3.5-inch  disk 

/t:<  Tracks  > 

Specifies  the  number  of  tracks  on  the  disk.  When  possible,  use 
the  /f  command-line  option  instead.  If  you  use  the  /t  option, 
you  must  also  use  the  /n  option.  These  options  together 
provide  an  alternative  method  of  specifying  the  size  of  the  disk 
that  is  being  formatted.  This  option  is  not  valid  with  the  /f 
option. 

/n:<  Sectors  > 

Specifies  the  number  of  sectors  per  track.  When  possible,  use 
the /f  command-line  option  instead  of/n.  If  you  use/n,  you 
must  also  use  /t.  These  two  options  together  provide  an 
alternative  method  of  specifying  the  size  of  the  disk  that  is 
being  formatted.  This  option  is  not  valid  with  the  /f  option. 

/p:<  Passes > 

Zeros  every  sector  on  the  volume  for  the  number  of  passes 
specified.  This  option  is  not  valid  with  the  /q  option. 

/c 

NTFS  only.  Files  created  on  the  new  volume  will  be  compressed 
by  default. 

/x 

Causes  the  volume  to  dismount,  if  necessary,  before  it  is 
formatted.  Any  open  handles  to  the  volume  will  no  longer  be 
valid. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Administrative  credentials 

You  must  be  a  member  of  the  Administrators  group  to  format  a  hard  drive. 

•  Using  format 

The  format  command  creates  a  new  root  directory  and  file  system  for  the  disk.  It  can  also  check  for  bad 
areas  on  the  disk,  and  it  can  delete  all  data  on  the  disk.  To  be  able  to  use  a  new  disk,  you  must  first  use  this 
command  to  format  the  disk. 

•  Adding  a  volume  label 

After  formatting  a  floppy  disk,  format  displays  the  following  message: 


Volume  label  (11  characters,  ENTER  for  none)? 


To  add  a  volume  label,  type  up  to  11  characters  (including  spaces).  If  you  do  not  want  to  add  a  volume  label 
to  the  disk,  press  ENTER. 

•  Formatting  a  hard  disk 


NOTE 

You  must  be  a  member  of  the  Administrators  group  to  format  a  hard  disk. 


When  you  use  the  format  command  to  format  a  hard  disk,  a  warning  message  similar  to  the  following  displays: 

WARNING,  ALL  DATA  ON  NON-REMOVABLE  DISK 
DRIVE  x:  WILL  BE  LOST! 

Proceed  with  Format  ( Y/N ) ?  _ 

To  format  the  hard  disk,  press  Y;  if  you  do  not  want  to  format  the  disk,  press  N. 

•  Unit  size 

FAT  file  systems  restrict  the  number  of  clusters  to  no  more  than  65526.  FAT32  file  systems  restrict  the 
number  of  clusters  to  between  65527  and  41 7791 7. 

NTFS  compression  is  not  supported  for  allocation  unit  sizes  above  4096. 


When  formatting  is  complete,  **format**  displays  messages  that  show  the  total  disk  space,  the  spaces  marked  as 
defective,  and  the  space  available  for  your  files. 

•  Quick  formatting 

You  can  speed  up  the  formatting  process  by  using  the  /q  command-line  option.  Use  this  option  only  if  there 
are  no  bad  sectors  on  your  hard  disk. 

•  Using  format  with  a  reassigned  drive  or  a  network  drive 

You  should  not  use  the  format  command  on  a  drive  that  was  prepared  by  using  the  subst  command.  You 
cannot  format  disks  over  a  network. 

•  Format  exit  codes 

The  following  table  lists  each  exit  code  and  a  brief  description  of  its  meaning. 

EXIT  CODE  DESCRIPTION 

0  The  format  operation  was  successful. 


1 


Incorrect  parameters  were  supplied. 


EXIT  CODE 


DESCRIPTION 


4  A  fatal  error  occurred  (which  is  any  error  other  than  0,  1, 

or  5). 

5  The  user  pressed  N  in  response  to  the  prompt  "Proceed 

with  Format  (Y/N)?"  to  stop  the  process. 

You  can  check  these  exit  codes  by  using  the  ERRORLEVEL  environment  variable  with  the  if  batch 
command. 

•  Using  format  at  the  Recovery  Console 

The  format  command,  with  different  parameters,  is  available  from  the  Recovery  Console. 

Examples 

To  format  a  new  floppy  disk  in  drive  A  using  the  default  size,  type: 

format  a: 

To  perform  a  quick  format  operation  on  a  previously  formatted  floppy  disk  in  drive  A,  type: 

format  a:  /q 

To  format  a  floppy  disk  in  drive  A  and  assign  it  the  volume  label  "DATA,"  type: 

format  a:  /v:DATA 

Additional  references 

Command-Line  Syntax  Key 


freedisk 

1 0/1 7/2017  *1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 


Checks  to  see  if  the  specified  amount  of  disk  space  is  available  before  continuing  with  an  installation  process. 

Syntax 

freedisk  [/s  <computer>  [/u  [<Domain>\]<User>  [/p  [<Password>] ] ] ]  [/d  <Drive>]  [<Value>] 


Parameters 

PARAMETER  DESCRIPTION 


/s 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer.  This 
parameter  applies  to  all  files  and  folders  specified  in  the 
command. 

/u  [\] 

Runs  the  script  with  the  permissions  of  the  specified  user 
account.  The  default  is  system  permissions. 

/P  □ 

Specifies  the  password  of  the  user  account  that  is  specified  in 
/u. 

/d 

Specifies  the  drive  for  which  you  want  to  find  out  the 
availability  of  free  space.  You  must  specify  for  a  remote 
computer. 

Checks  for  a  specific  amount  of  free  disk  space.  You  can  specify 
in  bytes,  KB,  MB,  GB,  TB,  PB,  EB,  ZB  or  YB. 


remarks 

•  Using  the  /s,  /u,  and  /p  command-line  options  are  available  only  when  you  use  /s.  You  must  use  /p  with  /uto 
provide  the  user  s  password. 

•  for  unattended  installations,  you  can  use  freedisk  in  installation  batch  files  to  check  for  the  prerequisite  amount 
free  space  before  continuing  with  the  installation. 

•  When  you  use  freedisk  in  a  batch  file,  it  returns  a  0  if  there  is  enough  space  and  a  1  if  there  is  not  enough 
space.  ##  Examples  To  determine  whether  there  are  at  least  50  MB  of  free  space  available  on  drive  C :,  type: 

freedisk  semb  Output  similar  to  the  following  appears  on  the  screen: 

INFO:  The  specified  52,428,800  byte(s)  of  free  space  is  available  on  current  drive.  ##  additional  references 
Command-Line  Syntax  Key 


Fsutil 

1 0/1 7/2017  •  3  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 

Performs  tasks  that  are  related  to  file  allocation  table  (FAT)  and  NTFS  file  systems,  such  as  managing  reparse 
points,  managing  sparse  files,  or  dismounting  a  volume.  If  it  is  used  without  parameters,  Fsutil  displays  a  list  of 
supported  subcommands. 


NOTE 

You  must  be  logged  on  as  an  administrator  or  a  member  of  the  Administrators  group  to  use  Fsutil.  The  Fsutil  command  is 
quite  powerful  and  should  be  used  only  by  advanced  users  who  have  a  thorough  knowledge  of  Windows  operating 
systems. 


Parameters 

SUBCOMMAND 

DESCRIPTION 

Fsutil  8dot3name 

Queries  or  changes  the  settings  for  short  name  behavior  on 
the  system,  for  example,  generates  8.3  character-length  file 
names.  Removes  short  names  for  all  files  within  a  directory. 

Scans  a  directory  and  identifies  registry  keys  that  might  be 
impacted  if  short  names  were  stripped  from  the  files  in  the 
directory. 

Fsutil  behavior 

Queries  or  sets  volume  behavior. 

Fsutil  dirty 

Queries  whether  the  volume's  dirty  bit  is  set  or  sets  a 
volume's  dirty  bit.  When  a  volume's  dirty  bit  is  set,  autochk 
automatically  checks  the  volume  for  errors  the  next  time  the 
computer  is  restarted. 

Fsutil  file 

Finds  a  file  by  user  name  (if  Disk  Quotas  are  enabled),  queries 
allocated  ranges  for  a  file,  sets  a  file's  short  name,  sets  a  file's 
valid  data  length,  sets  zero  data  for  a  file,  creates  a  new  file  of 
a  specified  size,  finds  a  file  ID  if  given  the  name,  or  finds  a  file 
link  name  for  a  specified  file  ID. 

Fsutil  fsinfo 

Lists  all  drives  and  queries  the  drive  type,  volume 
information,  NTFS-specific  volume  information,  or  file  system 

statistics. 


SUBCOMMAND 


DESCRIPTION 


Fsutil  hardlink 

Lists  hard  links  for  a  file,  or  creates  a  hard  link  (a  directory 
entry  for  a  file).  Every  file  can  be  considered  to  have  at  least 
one  hard  link.  On  NTFS  volumes,  each  file  can  have  multiple 
hard  links,  so  a  single  file  can  appear  in  many  directories  (or 
even  in  the  same  directory,  with  different  names).  Because  all 
of  the  links  reference  the  same  file,  programs  can  open  any  of 
the  links  and  modify  the  file.  A  file  is  deleted  from  the  file 
system  only  after  all  links  to  it  are  deleted.  After  you  create  a 
hard  link,  programs  can  use  it  like  any  other  file  name. 

Fsutil  objectid 

Manages  object  identifiers,  which  are  used  by  the  Windows 
operating  system  to  track  objects  such  as  files  and 
directories. 

Fsutil  quota 

Manages  disk  quotas  on  NTFS  volumes  to  provide  more 
precise  control  of  network- based  storage.  Disk  quotas  are 
implemented  on  a  per-volume  basis  and  enable  both  hard- 
and  soft-storage  limits  to  be  implemented  on  a  per-user 
basis. 

Fsutil  repair 

Queries  or  sets  the  self-healing  state  of  the  volume.  Self- 
healing  NTFS  attempts  to  correct  corruptions  of  the  NTFS  file 
system  online  without  requiring  Chkdsk.exe  to  be  run. 
Includes  initiating  on-disk  verification  and  waiting  for  repair 
completion. 

Fsutil  reparsepoint 

Queries  or  deletes  reparse  points  (NTFS  file  system  objects 
that  have  a  definable  attribute  containing  user-controlled 
data).  Reparse  points  are  used  to  extend  functionality  in  the 
input/output  (I/O)  subsystem.  They  are  used  for  directory 
junction  points  and  volume  mount  points.  They  are  also  used 
by  file  system  filter  drivers  to  mark  certain  files  as  special  to 
that  driver. 

Fsutil  resource 

Creates  a  Secondary  Transactional  Resource  Manager,  starts 
or  stops  a  Transactional  Resource  Manager,  displays 
information  about  a  Transactional  Resource  Manager  or 
modifies  its  behavior. 

Fsutil  sparse 

Manages  sparse  files.  A  sparse  file  is  a  file  with  one  or  more 
regions  of  unallocated  data  in  it.  A  program  will  see  these 
unallocated  regions  as  containing  bytes  with  the  value  zero, 
but  no  disk  space  is  used  to  represent  these  zeros.  All 
meaningful  or  nonzero  data  is  allocated,  whereas  all  non¬ 
meaningful  data  (large  strings  of  data  composed  of  zeros)  is 
not  allocated.  When  a  sparse  file  is  read,  allocated  data  is 
returned  as  stored  and  unallocated  data  is  returned  as  zeros 
(by  default  in  accordance  with  the  C2  security  requirement 
specification).  Sparse  file  support  allows  data  to  be 
deallocated  from  anywhere  in  the  file. 

Fsutil  tiering 

Enables  management  of  storage  tier  functions,  such  as 
setting  and  disabling  flags  and  listing  of  tiers. 

Fsutil  transaction 

Commits  a  specified  transaction,  rolls  back  a  specified 
transaction,  or  displays  info  about  the  transaction. 

SUBCOMMAND 


DESCRIPTION 


Fsutil  usn  Manages  the  update  sequence  number  (USN)  change  journal, 

which  provides  a  persistent  log  of  all  changes  made  to  files 
on  the  volume. 


Fsutil  volume  Manages  a  volume.  Dismounts  a  volume,  queries  to  see  how 

much  free  space  is  available  on  a  disk,  or  finds  a  file  that  is 
using  a  specified  cluster. 


Fsutil  wim 


Provides  functions  to  discover  and  manage  WIM-backed  files. 


See  also 

Command-Line  Syntax  Key 


Fsutil  file 

1 0/1 7/2017  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 


Finds  a  file  by  user  name  (if  Disk  Quotas  are  enabled),  queries  allocated  ranges  for  a  file,  sets  a  file's  short  name, 
sets  a  file's  valid  data  length,  sets  zero  data  for  a  file,  or  creates  a  new  file. 

For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

fsutil 

file 

[createnew]  <filename>  <length> 

[findbysid]  <username>  <directory> 

[optimizemetadata]  [/A]  <filename> 

[queryallocranges]  offset=<offset>  length=<length>  <filename> 
[queryextents]  [ /R ]  <filename>  [<startingvcn>  [<numvcns>]] 
[queryfileid]  <filename> 

[queryfilenamebyid]  <volume>  <fileid> 

[queryoptimizemetadata]  <filename> 

[queryvaliddata]  [/R]  [/D]  <filename> 

[seteof]  <filename>  <length> 

[setshortname]  <filename>  <shortname> 

[setvaliddata]  <filename>  <datalength> 

[setzerodata]  offset=<offset>  length=<length>  <filename> 


Parameters 


PARAMETER 

DESCRIPTION 

createnew 

Creates  a  file  of  the  specified  name  and  size,  with  content  that 
consists  of  zeroes. 

<filename> 

Specifies  the  full  path  to  the  file  including  the  file  name  and 
extension,  for  example  C:\documents\filename.txt. 

<length> 

Specifies  the  file's  valid  data  length. 

findbysid 

Finds  files  that  belong  to  a  specified  user  on  NTFS  volumes 
where  Disk  Quotas  are  enabled. 

<username> 

Specifies  the  user's  user  name  or  logon  name. 

<  directory  > 

Specifies  the  full  path  to  the  directory,  for  example  C:\users. 

optimizemetadata 

This  performs  an  immediate  compaction  of  the  metadata  for  a 
given  file. 

/A 

Analyze  file  metadata  before  and  after  optimization. 

PARAMETER 


DESCRIPTION 


queryallocranges 

Queries  the  allocated  ranges  for  a  file  on  an  NTFS  volume. 
Useful  for  determining  whether  a  file  has  sparse  regions. 

offset  =<  offset  > 

Specifies  the  start  of  the  range  that  should  be  set  to  zeroes. 

length=<length> 

Specifies  the  length  of  the  range  (in  bytes). 

queryextents 

Queries  extents  for  a  file. 

/R 

If  is  a  reparse  point,  open  it  rather  than  its  target. 

<startingvcn> 

Specifies  first  VCN  to  query.  If  omitted,  start  at  VCN  0. 

<numvcns> 

Number  of  VCNs  to  query.  If  omitted  or  0,  query  until  EOF. 

queryfileid 

Queries  the  file  ID  of  a  file  on  an  NTFS  volume. 

This  parameter  applies  to:  Windows  Server  2008  R2  and 
Windows  7  . 

<volume> 

Specifies  the  volume  as  drive  name  followed  by  a  colon. 

queryfilenamebyid 

Displays  a  random  link  name  for  a  specified  file  ID  on  an  NTFS 
volume.  Since  a  file  can  have  more  than  one  link  name 
pointing  to  that  file,  it  is  not  guaranteed  which  file  link  will  be 
provided  as  a  result  of  the  query  for  the  file  name. 

This  parameter  applies  to:  Windows  Server  2008  132  and 
Windows  7  . 

<fileid> 

Specifies  the  ID  of  the  file  on  an  NTFS  volume. 

queryoptimizemetadata 

Queries  the  metadata  state  of  a  file. 

queryvaliddata 

Queries  the  valid  data  length  for  a  file. 

/D 

Display  detailed  valid  data  information. 

seteof 

Sets  the  EOF  of  the  given  file. 

setshortname 

Sets  the  short  name  (8.3  character-length  file  name)  for  a  file 
on  an  NTFS  volume. 

<shortname> 

Specifies  the  file's  short  name. 

setvaliddata 

Sets  the  valid  data  length  for  a  file  on  an  NTFS  volume. 

<datalength> 

Specifies  the  length  of  the  file  in  bytes. 

setzerodata 

Sets  a  range  (specified  by  Offset  and  Length )  of  the  file  to 
zeroes,  which  empties  the  file.  If  the  file  is  a  sparse  file,  the 
underlying  allocation  units  are  decommitted. 

Remarks 


•  In  NTFS,  there  are  two  IMPORTANT  concepts  of  file  length:  the  end-of-file  (EOF)  marker  and  the  Valid  Data 
Length  (VDL).  The  EOF  indicates  the  actual  length  of  the  file.  The  VDL  identifies  the  length  of  valid  data  on 
disk.  Any  reads  between  VDL  and  EOF  automatically  return  0  to  preserve  the  C2  object  reuse  requirement. 

•  The  setvaliddata  parameter  is  only  available  for  administrators  because  it  requires  the  Perform  volume 
maintenance  tasks  (SeManageVolumePrivilege)  privilege.  This  feature  is  only  required  for  advanced 
multimedia  and  system  area  network  scenarios.  The  setvaliddata  parameter  must  be  a  positive  value  that  is 
greater  than  the  current  VDL,  but  less  than  the  current  file  size. 

It  is  useful  for  programs  to  set  a  VDL  when: 

o  Writing  raw  clusters  directly  to  disk  through  a  hardware  channel.  This  allows  the  program  to  inform 
the  file  system  that  this  range  contains  valid  data  that  can  be  returned  to  the  user. 

o  Creating  large  files  when  performance  is  an  issue.  This  avoids  the  time  it  takes  to  fill  the  file  with 
zeroes  when  the  file  is  created  or  extended. 

Examples 

To  find  files  that  are  owned  by  scottb  on  drive  C,  type: 
fsutil  file  findbysid  scottb  c:\users 

To  query  the  allocated  ranges  for  a  file  on  an  NTFS  volume,  type: 

fsutil  file  queryallocranges  offset=1024  length=64  c:\temp\sample.txt 

To  optimize  metadata  for  a  file,  type: 

fsutil  file  optimizemetadata  C:\largefragmentedfile.txt 

To  query  the  extents  for  a  file,  type: 

fsutil  file  queryextents  C:\Temp\sample.txt 

To  set  the  EOF  for  a  file,  type: 

fsutil  file  seteof  C:\testfile.txt  1000 

To  set  the  short  name  for  the  file  Longfilename.txt  on  drive  C  to  Longfile.txt,  type: 
fsutil  file  setshortname  c:\longfilename.txt  longfile.txt 

To  set  the  valid  data  length  to  4096  bytes  for  a  file  named  Testfile.txt  on  an  NTFS  volume,  type: 

fsutil  file  setvaliddata  c:\testfile.txt  4096 

To  set  a  range  of  a  file  on  an  NTFS  volume  to  zeros  to  empty  it,  type: 


fsutil  file  setzerodata  offset=100  length=150  c:\temp\sample.txt 


Additional  references 

Command-Line  Syntax  Key 

Fsutil 


Fsutil  fsinfo 

1 0/1 7/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 


Lists  all  drives,  queries  the  drive  type,  queries  volume  information,  queries  NTFS-specific  volume  information,  or 
queries  file  system  statistics. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fsutil  fsinfo  [drives] 
fsutil  fsinfo  [drivetype]  <VolumePath> 
fsutil  fsinfo  [ntfsinfo]  <RootPath> 
fsutil  fsinfo  [statistics]  <VolumePath> 
fsutil  fsinfo  [volumeinfo]  <RootPath> 


Parameters 

PARAMETER  DESCRIPTION 


drives 

Lists  all  drives  in  the  computer. 

drivetype 

Queries  a  drive  and  lists  its  type,  for  example  CD-ROM  drive. 

ntfsinfo 

Lists  NTFS  specific  volume  information  for  the  specified 
volume,  such  as  the  number  of  sectors,  total  clusters,  free 
clusters,  and  the  start  and  end  of  the  MFT  Zone. 

sectorinfo 

Lists  information  about  the  hardware's  sector  size  and 
alignment. 

statistics 

Lists  file  system  statistics  for  the  specified  volume,  such  as 
metadata,  log  file,  and  MFT  reads  and  writes. 

volumeinfo 

Lists  information  for  the  specified  volume,  such  as  the  file 
system,  and  whether  the  volume  supports  case-sensitive  file 
names,  Unicode  in  file  names,  disk  quotas,  or  is  a  DirectAccess 
(DAX)  volume. 

<"VolumePath"> 

Specifies  the  drive  letter  (followed  by  a  colon). 

<"RootPathname"> 

Specifies  the  drive  letter  (followed  by  a  colon)  of  the  root  drive. 

Examples 


To  list  all  of  the  drives  in  the  computer,  type: 


fsutil  fsinfo  drives 


Output  similar  to  the  following  displays: 

Drives:  A:\  C:\  D:\  E:\ 


To  query  the  drive  type  of  drive  C,  type: 

fsutil  fsinfo  drivetype  c: 


Possible  results  of  the  query  include: 

Unknown  Drive 

No  such  Root  Directory 

Removable  Drive,  for  example  floppy 

Fixed  Drive 

Remote/Network  Drive 

CD-ROM  Drive 

Ram  Disk 


To  query  the  volume  information  for  volume  E,  type: 

fsinfo  volumeinfo  e:\ 


Output  similar  to  the  following  displays: 

Volume  Name  :Volume 
Serial  Number  :  0xd0b634d9 
Max  Component  Length  :  255 
File  System  Name  :  NTFS 


Supports  Named  Streams 
Is  DAX  Volume 


To  query  drive  F  for  NTFS-specific  volume  information,  type: 

fsutil  fsinfo  ntfsinfo  f: 


Output  similar  to  the  following  displays: 


NTFS  Volume  Serial  Number 

0xe660d46a60d442cb 

Number  Sectors  : 

0x00000000010ea04f 

Total  Clusters  : 

0x000000000021d409 

Mft  Zone  End  : 

0x0000000000004700 

To  query  the  file  system's  underlying  hardware  for  sector  information,  type: 


fsinfo  sectorinfo  d: 

Output  similar  to  the  following  displays: 

D:\>fsutil  fsinfo  sectorinfo  d: 

LogicalBytesPerSector  : 

4096 

PhysicalBytesPerSectorForAtomicity  : 

Trim  Not  Supported 

DAX  capable 

4096 

To  query  the  file  system  statistics  for  drive  E,  type: 

fsinfo  statistics  e: 


Output  similar  to  the  following  displays: 


File  System  Type  : 

NTFS 

Version  : 

1 

UserFileReads  : 

75021 

UserFileReadBytes  : 

1305244512 

LogFileWriteBytes  : 

180936704 

Additional  references 


Command-Line  Syntax  Key  Fsutil 


Fsutil  hardlink 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 

2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 

Creates  a  hard  link  between  an  existing  file  and  a  new  file. 

Syntax 

fsutil  hardlink  create  <NewFileName>  <ExistingFileName> 

fsutil  hardlink  list  <Filename> 

Parameters 

PARAMETER 

DESCRIPTION 

create 

Establishes  an  NTFS  hard  link  between  an  existing  file  and  a 
new  file.  (An  NTFS  hard  link  is  similar  to  a  POSIX  hard  link.) 

<NewFileName> 

Specifies  the  file  that  you  want  to  create  a  hard  link  to. 

<ExistingFileName> 

Specifies  the  file  that  you  want  to  create  a  hard  link  from. 

list 

Lists  the  hardlinks  to  Filename. 

This  parameter  applies  to:  Windows  Server  2008  R2  and 
Windows  7  . 


Remarks 

•  A  hard  link  is  a  directory  entry  for  a  file.  Every  file  can  be  considered  to  have  at  least  one  hard  link.  On  NTFS 
volumes,  each  file  can  have  multiple  hard  links,  so  a  single  file  can  appear  in  many  directories  (or  even  in  the 
same  directory  with  different  names).  Because  all  of  the  links  reference  the  same  file,  programs  can  open  any  of 
the  links  and  modify  the  file.  A  file  is  deleted  from  the  file  system  only  after  all  links  to  it  have  been  deleted. 
After  you  create  a  hard  link,  programs  can  use  it  like  any  other  file  name. 

Additional  references 

Command-Line  Syntax  Key 


Fsutil 


Fsutil  objectid 

1 0/1 7/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 


Manages  object  identifiers  (Ol  Ds),  which  are  internal  objects  used  by  the  Distributed  Link  Tracking  (DLT)  Client 
service  and  File  Replication  Service  (FRS)  to  track  other  objects  such  as  files,  directories,  and  links.  Object 
identifiers  are  invisible  to  most  programs  and  should  never  be  modified. 

Caution 

Do  not  delete,  set,  or  otherwise  modify  an  object  identifier.  Deleting  or  setting  an  object  identifier  can  result  in  the 
loss  of  data  from  portions  of  a  file,  up  to  and  including  entire  volumes  of  data.  In  addition,  you  might  cause  adverse 
behavior  in  the  Distributed  Link  Tracking  (DLT)  Client  service  and  File  Replication  Service  (FRS). 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fsutil  objectid  [create]  <FileName> 
fsutil  objectid  [delete]  <FileName> 
fsutil  objectid  [query]  <FileName> 

fsutil  objectid  [set]  <0bjectID>  <BirthVolumeID>  <BirthObjectID>  <DomainID>  <FileName> 


Parameters 


PARAMETER 

DESCRIPTION 

create 

Creates  an  object  identifier  if  the  specified  file  does  not  already 
have  one.  If  the  file  already  has  an  object  identifier,  this 
subcommand  is  equivalent  to  the  query  subcommand. 

delete 

Deletes  an  object  identifier. 

query 

Queries  an  object  identifier. 

set 

Sets  an  object  identifier. 

<ObjectlD> 

Sets  a  file-specific  16  byte  hexadecimal  identifier  that  is 
guaranteed  to  be  unique  within  a  volume.  The  object  identifier 
is  used  by  the  Distributed  Link  Tracking  (DLT)  Client  service 
and  the  File  Replication  Service  (FRS)  to  identify  files. 

<BirthVolumelD> 

Indicates  the  volume  on  which  the  file  was  located  when  it  first 
obtained  an  object  identifier.  This  value  is  a  16  byte 
hexadecimal  identifier  that  is  used  by  the  DLT  Client  service. 

<BirthObjectlD> 

Indicates  the  file's  original  object  identifier  (The  ObjectID  may 
change  when  a  file  is  moved).  This  value  is  a  1 6  byte 
hexadecimal  identifier  that  is  used  by  the  DLT  Client  service. 

PARAMETER 


DESCRIPTION 


<DomainlD> 


16  byte  hexadecimal  domain  identifier.  This  value  is  not 
currently  used  and  must  be  set  to  all  zeros. 


<FileName> 


Specifies  the  full  path  to  the  file  including  the  file  name  and 
extension,  for  example  C:\documents\filename.txt. 


Remarks 

•  Any  file  that  has  an  object  identifier  also  has  a  birth  volume  identifier,  a  birth  object  identifier,  and  a  domain 
identifier.  When  you  move  a  file,  the  object  identifier  may  change,  but  the  birth  volume  and  birth  object 
identifiers  remain  the  same.  This  behavior  enables  the  Windows  operating  system  to  always  find  a  file,  no 
matter  where  it  has  been  moved. 

Examples 

To  create  an  object  identifier,  type: 
fsutil  objectid  create  c:\temp\sample.txt 
To  delete  an  object  identifier,  type: 
fsutil  objectid  delete  c:\temp\sample.txt 
To  query  an  object  identifier,  type: 
fsutil  objectid  query  c:\temp\sample.txt 
To  set  an  object  identifier,  type: 

fsutil  objectid  set  40dff02fc9b4d4118fl20090273fa9fc  f86ad6865fe8d21183910008c709dl9e 
40dff02f c9b4d4118f 120090273f a9f c  00000000000000000000000000000000  c : \temp\sample . txt 

Additional  references 

Command-Line  Syntax  Key 


Fsutil 


Fsutil  quota 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 


Manages  disk  quotas  on  NTFS  volumes  to  provide  more  precise  control  of  network-based  storage. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fsutil  quota  [disable]  <VolumePath> 
fsutil  quota  [enforce]  <VolumePath> 

fsutil  quota  [modify]  <VolumePath>  <Threshold>  <Limit>  <UserName> 
fsutil  quota  [query]  <VolumePath> 
fsutil  quota  [track]  <VolumePath> 
fsutil  quota  [violations] 


Parameters 

PARAMETER  DESCRIPTION 


disable 

Disables  quota  tracking  and  enforcement  on  the  specified 
volume. 

enforce 

Enforces  quota  usage  on  the  specified  volume. 

modify 

Modifies  an  existing  disk  quota  or  creates  a  new  quota. 

query 

Lists  existing  disk  quotas. 

track 

Tracks  disk  usage  on  the  specified  volume. 

violations 

Searches  the  system  and  application  logs  and  displays  a 
message  to  indicate  that  quota  violations  have  been  detected 
or  that  a  user  has  reached  a  quota  threshold  or  quota  limit. 

<VolumePath> 

Required.  Specifies  the  drive  name  followed  by  a  colon  or  the 
GUID  in  the  format  Volume{GL//D}. 

<Threshold> 

Sets  the  limit  (in  bytes)  at  which  warnings  are  issued.  This 
parameter  is  required  for  the  fsutil  quota  modify  command. 

<Limit> 

Sets  the  maximum  allowed  disk  usage  (in  bytes).  This 
parameter  is  required  for  the  fsutil  quota  modify  command. 

<UserName> 

Specifies  the  domain  or  user  name.  This  parameter  is  required 

for  the  fsutil  quota  modify  command. 

Remarks 

•  Disk  quotas  are  implemented  on  a  per-volume  basis,  and  they  enable  both  hard  and  soft  storage  limits  to  be 
implemented  on  a  per-user  basis. 

•  You  can  use  write  scripts  that  use  fsutil  quota  to  set  the  quota  limits  every  time  you  add  a  new  user  or  to 
automatically  track  quota  limits,  compile  them  into  a  report,  and  automatically  send  them  to  the  system 
administrator  in  e-mail. 

Examples 

To  list  existing  disk  quotas  for  a  disk  volume  that  is  specified  with  the  GUID,  (928842df-5a01  -1 1  de-a85c- 
806e6f6e6963),  type: 

fsutil  quota  query  Volume{928842df-5a01-llde-a85c-806e6f6e6963} 

To  list  existing  disk  quotas  for  a  disk  volume  that  is  specified  with  the  drive  letter,  C:,  type: 

Fsutil  quota  query  C: 

Additional  references 

Command-Line  Syntax  Key 

Fsutil 


Fsutil  repair 

10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 


Administers  and  monitors  NTFS  self-healing  repair  operations. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fsutil  repair  [enumerate]  <volumepath>  [<LogName>] 
fsutil  repair  [initiate]  <VolumePath>  <FileReference> 
fsutil  repair  [query]  <VolumePath> 
fsutil  repair  [set]  <VolumePath>  <Flags> 
fsutil  repair  [wait] [<WaitType>]  <VolumePath> 


Parameters 


PARAMETER 

DESCRIPTION 

enumerate 

Enumerates  the  entires  of  a  volume's  corruption  log. 

<volumepath> 

Specifies  the  volume  as  the  drive  name  followed  by  a  colon. 

<LogName> 

$Corrupt  -  The  set  of  confirmed  corruptions  in  the  volume. 
$Verify  -  A  set  of  potential,  unverified  corruptions  in  the 
volume. 

initiate 

Initiates  NTFS  self-healing. 

<FileReference> 

Specifies  the  NTFS  volume-specific  file  ID  (file  reference 
number).  The  file  reference  includes  the  segment  number  of 
the  file. 

query 

Queries  the  self-healing  state  of  the  NTFS  volume. 

set 

Sets  the  self-healing  state  of  the  volume. 

<Flags> 

Specifies  the  repair  method  to  be  used  when  setting  the  self- 
healing  state  of  the  volume. 

The  Flags  parameter  can  be  set  to  three  values: 

-  0x01:  Enables  general  repair. 

-  0x09:  Warns  about  potential  data  loss  without  repair. 

-  0x00:  Disables  NTFS  self-healing  repair  operations. 

PARAMETER 


DESCRIPTION 


state 


Queries  the  corruption  state  of  the  system  or  for  a  given 
volume. 


wait  Waits  for  repair(s)  to  complete.  If  NTFS  has  detected  a  problem 

on  a  volume  on  which  it  is  performing  repairs,  this  option 
allows  the  system  to  wait  until  the  repair  is  complete  before  it 
runs  any  pending  scripts. 


[WaitType  {0 1 1 }]  Indicates  whether  to  wait  for  the  current  repair  to  complete  or 

to  wait  for  all  repairs  to  complete.  WaitType  can  be  set  to  the 
following  values: 

-  0:  Waits  for  all  repairs  to  complete,  (default  value) 

-  1:  Waits  for  the  current  repair  to  complete. 


Remarks 

•  Self-healing  NTFS  attempts  to  correct  corruptions  of  the  NTFS  file  system  online,  without  requiring 

Chkdsk.exe  to  be  run.  This  feature  was  introduced  in  Windows  Server  2008.  For  more  information,  see  Self 
Healing  NTFS. 

Examples 

To  enumerate  the  confirmed  corruptions  of  a  volume,  type: 

fsutil  repair  enumerate  C:  $Corrupt 


To  enable  self-healing  repair  on  drive  C,  type: 

fsutil  repair  set  c:  1 


To  disable  self-healing  repair  on  drive  C,  type: 

fsutil  repair  set  c:  0 

Additional  references 

Command-Line  Syntax  Key 

Fsutil 


Self  Healing  NTFS 


Fsutil  reparsepoint 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7,  Windows 
2008,  Windows  Vista 


Queries  or  deletes  reparse  points.  The  fsutil  reparsepoint  command  is  typically  used  by  support  professionals. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fsutil  reparsepoint  [query]  <FileName> 
fsutil  reparsepoint  [delete]  <FileName> 


Parameters 

PARAMETER  DESCRIPTION 


query 


Retrieves  the  reparse  point  data  that  is  associated  with  the  file 
or  directory  identified  by  the  specified  handle. 


delete  Deletes  a  reparse  point  from  the  file  or  directory  that  is 

identified  by  the  specified  handle,  but  does  not  delete  the  file 
or  directory. 


Specifies  the  full  path  to  the  file  including  the  file  name  and 
extension,  for  example  C:\documents\filename.txt. 


Remarks 

•  Reparse  points  are  NTFS  file  system  objects  that  have  a  definable  attribute  that  contains  user-defined  data, 
and  they  are  used  to  extend  functionality  in  the  input/output  (I/O)  subsystem. 

•  Reparse  points  are  used  for  directory  junction  points  and  volume  mount  points.  They  are  also  used  by  file 
system  filter  drivers  to  mark  certain  files  as  special  to  that  driver. 

•  When  a  program  sets  a  reparse  point,  it  stores  this  data,  plus  a  reparse  tag,  which  uniquely  identifies  the 
data  it  is  storing.  When  the  file  system  opens  a  file  with  a  reparse  point,  it  attempts  to  find  the  associated  file 
system  filter.  If  the  file  system  filter  is  found,  the  filter  processes  the  file  as  directed  by  the  reparse  data.  If  no 
file  system  filter  is  found,  the  File  open  operation  fails. 

Examples 

To  retrieve  reparse  point  data  associated  with  C:\Server,  type: 

fsutil  reparsepoint  query  c:\server 


To  delete  a  reparse  point  from  a  specified  file  or  directory,  use  the  following  format: 


fsutil  reparsepoint  delete  c:\server 


Additional  references 

Command-Line  Syntax  Key 

Fsutil 


Fsutil  resource 

1 0/24/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7,  Windows 
2008,  Windows  Vista 


Creates  a  Secondary  Transactional  Resource  Manager,  starts  or  stops  a  Transactional  Resource  Manager,  or 
displays  information  about  a  Transactional  Resource  Manager  and  modifies  the  following  behavior: 

•  Whether  a  default  Transactional  Resource  Manager  will  clean  its  transactional  metadata  at  the  next  mount 

•  The  specified  Transactional  Resource  Manager  to  prefer  consistency  over  availability 

•  The  specified  Transaction  Resource  Manager  to  prefer  availability  over  consistency 

•  The  characteristics  of  a  running  Transactional  Resource  Manager 
For  examples  of  how  to  use  this  command,  see  Examples  . 

Syntax 

fsutil  resource  [create]  <RmRootPathname> 
fsutil  resource  [info]  <RmRootPathname> 

fsutil  resource  [setautoreset]  {true|false}  <DefaultRmRootPathname> 
fsutil  resource  [setavailable]  <RmRootPathname> 
fsutil  resource  [setconsistent]  <RmRootPathname> 

fsutil  resource  [setlog]  [growth  {<Containers>  containers | <Percent>  percent}  <RmRootPathname>]  [maxextents 
<Containers>  <RmRootPathname>]  [minextents  <Containers>  <RmRootPathname>]  [mode  {full | undo}  <RmRootPathname>] 
[rename  <RmRootPathname>]  [shrink  <percent>  <RmRootPathname>]  [size  <Containers>  <RmRootPathname>] 
fsutil  resource  [start]  <RmRootPathname>  [<RmLogPathname>  <TmLogPathname> 
fsutil  resource  [stop]  <RmRootPathname> 


Parameters 

PARAMETER  DESCRIPTION 

create  Creates  a  secondary  Transactional  Resource  Manager. 


Specifies  the  full  path  to  a  Transactional  Resource  Manager 
root  directory. 


info 


Displays  the  specified  Transactional  Resource  Manager's 
information. 


setautoreset  Specifies  whether  a  default  Transactional  Resource  Manager 

will  clean  the  transactional  metadata  on  the  next  mount. 

-  Set  the  setautoreset  parameter  to  true  to  specify  that  the 
Transaction  Resource  Manager  will  clean  the  transactional 
metadata  on  the  next  mount,  by  default. 

-  Set  the  setautoreset  parameter  to  false  to  specify  that  the 
Transaction  Resource  Manager  will  not  clean  the  transactional 
metadata  on  the  next  mount,  by  default. 


PARAMETER 


DESCRIPTION 


Specifies  the  drive  name  followed  by  a  colon. 

setavailable 

Specifies  that  a  Transactional  Resource  Manager  will  prefer 
availability  over  consistency. 

setconsistent 

Specifies  that  a  Transactional  Resource  Manager  will  prefer 
consistency  over  availability. 

setlog 

Changes  the  characteristics  of  a  Transactional  Resource 
Manager  that  is  already  running. 

growth 

Specifies  the  amount  by  which  the  Transactional  Resource 
Manager  log  can  grow. 

The  growth  parameter  can  be  specified  as  follows: 

-  Number  of  containers  using  the  format: 

Containerscontainers 

-  Percentage  using  the  format:  Percenfpercent 

Specifies  the  data  objects  that  are  used  by  the  Transactional 
Resource  Manager. 

maxextent 

Specifies  the  maximum  number  of  containers  for  the  specified 
Transactional  Resource  Manager. 

minextent 

Specifies  the  minimum  number  of  containers  for  the  specified 
Transactional  Resource  Manager. 

mode  {full|undo} 

Specifies  whether  all  transactions  are  logged  (  full)  or  only 
rolled  back  events  are  logged  (undo). 

rename 

Changes  the  GUID  for  the  Transactional  Resource  Manager. 

shrink 

Specifies  percentage  by  which  the  Transactional  Resource 
Manager  log  can  automatically  decrease. 

size 

Specifies  the  size  of  the  Transactional  Resource  Manager  as  a 
specified  number  of  Containers. 

start 

Starts  the  specified  Transactional  Resource  Manager. 

stop 

Stops  the  specified  Transactional  Resource  Manager. 

Examples 

To  set  the  log  for  the  Transactional  Resource  Manager  that  is  specified  by  c:\test,  to  have  an  automatic  growth  of 
five  containers,  type: 

fsutil  resource  setlog  growth  5  containers  c:test 


To  set  the  log  for  the  Transactional  Resource  Manager  that  is  specified  by  c:\test,  to  have  an  automatic  growth  of 
two  percent,  type: 


fsutil  resource  setlog  growth  2  percent  c:test 

To  specify  that  the  default  Transactional  Resource  Manager  will  clean  the  transactional  metadata  on  the  next  mount 
on  drive  C,  type: 

fsutil  resource  setautoreset  true  c:\ 

Additional  references 

Command-Line  Syntax  Key 

Fsutil 

Transactional  NTFS 


Fsutil  sparse 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 

2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 

Manages  sparse  files. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fsutil  sparse  [queryflag]  <FileName> 
fsutil  sparse  [queryrange]  <FileName> 
fsutil  sparse  [setflag]  <FileName> 

fsutil  sparse  [setrange]  <FileName>  <BeginningOffset> 

<Length> 

Parameters 

PARAMETER 

DESCRIPTION 

queryflag 

Queries  sparse. 

queryrange 

Scans  a  file  and  searches  for  ranges  that  may  contain  nonzero 
data. 

setflag 

Marks  the  indicated  file  as  sparse. 

setrange 

Fills  a  specified  range  of  a  file  with  zeros. 

Specifies  the  full  path  to  the  file  including  the  file  name  and 
extension,  for  example  C:\documents\filename.txt. 

Specifies  the  offset  within  the  file  to  mark  as  sparse. 


Specifies  the  length  of  the  region  in  the  file  to  be  marked  as 
sparse  (in  bytes). 


Remarks 

•  A  sparse  file  is  a  file  with  one  or  more  regions  of  unallocated  data  in  it.  A  program  will  see  these  unallocated 
regions  as  containing  bytes  with  the  value  zero,  but  no  disk  space  is  used  to  represent  these  zeros.  All 
meaningful  or  nonzero  data  is  allocated,  whereas  all  nonmeaningful  data  (large  strings  of  data  that  is 
composed  of  zeros)  is  not  allocated.  When  a  sparse  file  is  read,  allocated  data  is  returned  as  stored,  and 
unallocated  data  is  returned,  by  default,  as  zeros,  in  accordance  with  the  C2  security  requirement 
specification.  Sparse  file  support  allows  data  to  be  deallocated  from  anywhere  in  the  file. 

•  In  a  sparse  file,  large  ranges  of  zeroes  may  not  require  disk  allocation.  Space  for  nonzero  data  will  be 
allocated  as  needed  when  the  file  is  written. 


•  Only  compressed  or  sparse  files  can  have  zeroed  ranges  known  to  the  operating  system. 

•  If  the  file  is  sparse  or  compressed,  NTFS  may  deallocate  disk  space  within  the  file.  This  sets  the  range  of 
bytes  to  zeroes  without  extending  the  file  size. 

Examples 

To  mark  a  file  named  Sample.txt  in  the  C:\Temp  directory  as  sparse,  type: 

fsutil  sparse  setflag  c:\temp\sample.txt 

Additional  references 

Command-Line  Syntax  Key 

Fsutil 


Fsutil  tiering 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0 

Enables  management  of  storage  tier  functions,  such 

as  setting  and  disabling  flags  and  listing  of  tiers. 

Syntax 

fsutil  tiering  [clearflags]  <volume>  <flags> 
fsutil  tiering  [queryflags]  <volume> 
fsutil  tiering  [regionlist]  <volume> 
fsutil  tiering  [setflags]  <volume>  <flags> 
fsutil  tiering  [tierlist]  <volume> 

Parameters 

PARAMETER 

DESCRIPTION 

clearflags 

Disables  the  tiering  behavior  flags  of  a  volume. 

<volume> 

Specifies  the  volume. 

/TrNH 

For  volumes  with  tiered  storage,  causes  Heat  gathering  to  be 
disabled. 

Applies  to  NTFS  and  ReFS  only. 

queryflags 

Queries  the  tiering  behavior  flags  of  a  volume. 

regionlist 

Lists  the  tiered  regions  of  a  volume  and  their  respective 
storage  tiers. 

setflags 

Enables  the  tiering  behavior  flags  of  a  volume. 

tierlist 

Lists  the  storage  tieres  associated  with  a  volume. 

Examples 

To  query  the  flags  on  volume  C,  type: 

fsutil  tiering  clearflags  C: 

To  set  the  flags  on  volume  C,  type: 

fsutil  tiering  setflags  C:  /TrNH 

To  clear  the  flags  on  volume  C,  type: 


fsutil  tiering  clearflags  C:  /TrNH 


To  list  the  regions  of  volume  C  and  their  respective  storage  tiers,  type: 


fsutil  tiering  regionlist  C: 


To  list  the  tiers  of  volume  C,  type: 


fsutil  tiering  tierlist  C: 


Additional  references 

Command-Line  Syntax  Key 

Fsutil 


Fsutil  transaction 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7,  Windows 
2008,  Windows  Vista 


Manages  NTFS  transactions. 

For  examples  of  how  to  use  this  command,  see  Examples  . 

Syntax 

fsutil  transaction  [commit]  <GUID> 
fsutil  transaction  [fileinfo]  <Filename> 
fsutil  transaction  [list] 

fsutil  transaction  [query]  [{Files | All}]  <GUID> 
fsutil  transaction  [rollback]  <GUID> 


Parameters 


PARAMETER 

DESCRIPTION 

commit 

Marks  the  end  of  a  successful  implicit  or  explicit  specified 
transaction. 

Specifies  the  GUID  value  that  represents  a  transaction. 

fileinfo 

Displays  transaction  information  for  the  specified  file. 

Specifies  full  path  and  file  name. 

list 

Displays  a  list  of  currently  running  transactions. 

query 

Displays  information  for  the  specified  transaction. 

-  If  fsutil  transaction  query  Files  is  specified,  the  file 
information  will  be  displayed  only  for  the  specified  transaction. 

-  If  fsutil  transaction  query  All  is  specified,  all  information  for 
the  transaction  will  be  displayed. 

rollback 

Rolls  back  a  specified  transaction  to  the  beginning. 

Remarks 

•  Transactional  NTFS  was  introduced  in  Windows  Server  2008  . 

Examples 

To  display  transaction  information  for  file  c:\test.txt,  type: 

fsutil  transaction  fileinfo  c:\test.txt 


Additional  references 

Command-Line  Syntax  Key 

Fsutil 

Transactional  NTFS 


Fsutil  usn 

1 0/1 7/2017  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 


Manages  the  update  sequence  number  (USN)  changejournal. 

Syntax 

fsutil  usn  [createjounnal]  m=<MaxSize>  a=<AllocationDelta>  <VolumePath> 

fsutil  usn  [deletejounnal]  {/D  |  /N}  <volumepath> 

fsutil  usn  [enablerangetracking]  <volumepath>  [options] 

fsutil  usn  [enumdata]  <FileRef>  <LowUSN>  <HighUSN>  <VolumePath> 

fsutil  usn  [queryjournal]  <VolumePath> 

fsutil  usn  [readdata]  <FileName> 

fsutil  usn  [readjournal]  [c=  <chunk-size>  s=<file-size-threshold>]  <volumepath> 


Parameters 

PARAMETER  DESCRIPTION 


createjournal 

Creates  a  USN  changejournal. 

m=<MaxSize> 

Specifies  the  maximum  size,  in  bytes,  that  NTFS  allocates  for 
the  changejournal. 

a  =  <  Allocation  Delta  > 

Specifies  the  size,  in  bytes,  of  memory  allocation  that  is  added 
to  the  end  and  removed  from  the  beginning  of  the  change 
journal. 

<VolumePath> 

Specifies  the  drive  letter  (followed  by  a  colon). 

deletejournal 

Deletes  or  disables  an  active  USN  changejournal.  Caution: 
Deleting  the  changejournal  impacts  the  File  Replication 

Service  (FRS)  and  the  Indexing  Service,  because  it  would 
require  these  services  to  perform  a  complete  (and  time- 
consuming)  scan  of  the  volume.  This  in  turn  negatively 
impacts  FRS  SYSVOL  replication  and  replication  between  DFS 
link  alternates  while  the  volume  is  being  rescanned. 

/d 

Disables  an  active  USN  changejournal,  and  returns 
input/output  (I/O)  control  while  the  changejournal  is  being 
disabled. 

/n 

Disables  an  active  USN  changejournal  and  returns  I/O  control 
only  after  the  changejournal  is  disabled. 

enablerangetracking 

Enables  USN  write  range  tracking  for  a  volume. 

c=<chunk-size> 


Specifies  the  chunk  size  to  track  on  a  volume. 


PARAMETER 


DESCRIPTION 


s=  <file-size-threshold> 

Specifies  the  file  size  threshold  for  range  tracking. 

enumdata 

Enumerates  and  lists  the  changejournal  entries  between  two 
specified  boundaries. 

<FileRef> 

Specifies  the  ordinal  position  within  the  files  on  the  volume  at 
which  the  enumeration  is  to  begin. 

<LowUSN> 

Specifies  the  lower  boundary  of  the  range  of  USN  values  used 
to  filter  the  records  that  are  returned.  Only  records  whose  last 
changejournal  USN  is  between  or  equal  to  the  LowUSN  and 
HighUSN  member  values  are  returned. 

<HighUSN> 

Specifies  the  upper  boundary  of  the  range  of  USN  values  used 
to  filter  the  files  that  are  returned. 

queryjournal 

Queries  a  volume's  USN  data  to  gather  information  about  the 
current  changejournal,  its  records,  and  its  capacity. 

readdata 

Reads  the  USN  data  for  a  file. 

<FileName> 

Specifies  the  full  path  to  the  file,  including  the  file  name  and 
extension  For  example:  C:\documents\filename.txt 

readjournal 

Reads  the  USN  records  in  the  USN  journal. 

minver=<number> 

Minimum  Major  Version  of  USN_RECORD  to  return.  Default  = 

2. 

maxver=  <  number> 

Maximum  Major  Version  of  USN_RECORD  to  return.  Default  = 

4. 

startusn=<USN  number> 

USN  to  start  reading  the  USN  journal  from.  Default  =  0. 

Remarks 

•  Aboutthe  USN  change  journal 

The  USN  change  journal  provides  a  persistent  log  of  all  changes  made  to  files  on  the  volume.  As  files, 
directories,  and  other  NTFS  objects  are  added,  deleted,  and  modified,  NTFS  enters  records  into  the  USN 
change  journal,  one  for  each  volume  on  the  computer.  Each  record  indicates  the  type  of  change  and  the 
object  changed.  New  records  are  appended  to  the  end  of  the  stream. 

Programs  can  consult  the  USN  change  journal  to  determine  all  the  modifications  made  to  a  set  of  files.  The 
USN  change  journal  is  much  more  efficient  than  checking  time  stamps  or  registering  for  file  notifications. 
The  USN  changejournal  is  enabled  and  used  by  the  Indexing  Service,  File  Replication  Service  (FRS), 
Remote  Installation  Services  (RIS),  and  Remote  Storage. 

•  Using  createjournal 


If  a  changejournal  already  exists  on  a  volume,  the  createjournal  parameter  updates  the  change  journal's 
MaxSize  and  Allocation  Delta  parameters.  This  enables  you  to  expand  the  number  of  records  that  an  active 


journal  maintains  without  having  to  disable  it. 

•  Using  m 

The  change  journal  can  grow  larger  than  this  target  value,  but  the  change  journal  is  truncated  at  the  next 
NTFS  checkpoint  to  less  than  this  value.  NTFS  examines  the  change  journal  and  trims  it  when  its  size 
exceeds  the  value  of  MaxSize  plus  the  value  of  Alio  cation  Delta.  At  NTFS  checkpoints,  the  operating  system 
writes  records  to  the  NTFS  log  file  that  enable  NTFS  to  determine  what  processing  is  required  to  recover 
from  a  failure. 

•  Using  a 

The  change  journal  can  grow  to  more  than  the  sum  of  the  values  of  MaxSize  and  Allocation  Delta  before 
being  trimmed. 

•  Using  deletejournal 

Deleting  or  disabling  an  active  change  journal  is  very  time  consuming,  because  the  system  must  access  all 
the  records  in  the  master  file  table  (MFT)  and  set  the  last  US N  attribute  to  0  (zero).  This  process  can  take 
several  minutes,  and  it  can  continue  after  the  system  restarts,  if  a  restart  is  necessary.  During  this  process, 
the  change  journal  is  not  considered  active,  nor  is  it  disabled.  While  the  system  is  disabling  the  journal,  it 
cannot  be  accessed,  and  all  journal  operations  return  errors.  You  should  use  extreme  care  when  disabling  an 
active  journal,  because  it  adversely  affects  other  applications  that  are  using  thejournal. 

Examples 

To  create  a  USN  change  journal  on  drive  C,  type: 

fsutil  usn  createjournal  m=1000  a=100  c: 

To  delete  an  active  USN  change  journal  on  drive  C,  type: 

fsutil  usn  deletejournal  /d  c: 

To  enable  range  tracking  with  a  specified  chunk-size  and  file-size-threshold,  type: 
fsutil  usn  enablerangetracking  c=16384  s=67108864  C: 

To  enumerate  and  list  the  change  journal  entries  between  two  specified  boundaries  on  drive  C,  type: 

fsutil  usn  enumdata  101c: 

To  query  USN  data  for  a  volume  on  drive  C,  type: 
fsutil  usn  queryjournal  c: 

To  read  the  USN  data  for  a  file  in  the  \Temp  folder  on  drive  C,  type: 

fsutil  usn  readdata  c:\temp\sample.txt 


To  read  the  USN  journal  with  a  specific  start  USN,  type: 


fsutil  usn  readjournal  startusn=0xF00 


Additional  references 

Command-Line  Syntax  Key 

Fsutil 


Fsutil  volume 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0,  Windows  Server 
2012  R2,  Windows  8.1,  Windows  Server  2012,  Windows  8,  Windows  Server  2008  R2,  Windows  7 


Dismounts  a  volume,  or  queries  the  hard  disk  drive  to  determine  how  much  free  space  is  currently  available  on  the 
hard  disk  drive  or  which  file  is  using  a  particular  cluster. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

fsutil  volume  [allocationreport]  <VolumePath> 
fsutil  volume  [diskfree]  <VolumePath> 
fsutil  volume  [dismount]  <VolumePath> 
fsutil  volume  [filelayout]  <VolumePath>  <fileid> 
fsutil  volume  [list] 

fsutil  volume  [querycluster]  <VolumePath>  <Cluster>  [<Cluster>]  . 


Parameters 


PARAMETER 

DESCRIPTION 

allocationreport 

Displays  information  about  how  storage  is  used  on  a  given 
volume. 

<VolumePath> 

Specifies  the  drive  letter  (followed  by  a  colon). 

diskfree 

Queries  the  hard  disk  drive  to  determine  the  amount  of  free 
space  on  it. 

dismount 

Dismounts  a  volume. 

filelayout 

Displays  NTFS  metadata  for  the  given  file. 

<fileid> 

Specifies  the  file  id. 

list 

Lists  all  of  the  volumes  on  the  system. 

querycluster 

Finds  which  file  is  using  a  specified  cluster.  You  can  specify 
multiple  clusters  with  the  querycluster  parameter. 

This  parameter  applies  to:  Windows  Server  2008  R2  and 

Windows  7  . 

<cluster> 

Specifies  the  logical  cluster  number  (LCN). 

Examples 


To  display  an  allocated  clusters  report,  type: 


fsutil  volume  allocationreport  C: 

To  dismount  a  volume  on  drive  C,  type: 

fsutil  volume  dismount  c: 

To  query  the  amount  of  free  space  of  a  volume  on  drive  C,  type: 

fsutil  volume  diskfree  c: 

To  display  all  the  information  about  a  specified  file(s),  type: 

fsutil  volume  C:  * 

fsutil  volume  C:\Windows 

fsutil  volume  C:  0x00040000000001bf 

To  list  the  volumes  on  disk,  type: 

fsutil  volume  list 

To  find  the  file(s)  that  are  using  the  clusters,  specified  by  the  logical  cluster  numbers  50  and  0x2000,  on  drive  C, 
type: 


fsutil  volume  querycluster  C:  50  0x2000 

Additional  references 

Command-Line  Syntax  Key 

Fsutil 


How  NTFS  Works 


Fsutil  wim 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  1 0 


Provides  functions  to  discover  and  manage  Windows  Image  (WIM)-backed  files. 

Syntax 

fsutil  wim  [enumfiles]  <drive  name>  <data  source> 

fsutil  wim  [enumwims]  <drive  name> 

fsutil  wim  [queryfile]  <filename> 

fsutil  wim  [removewim]  <drive  name>  <data  source> 


Parameters 


PARAMETER 

DESCRIPTION 

enumfiles 

Enumerates  WIM  backed  files. 

<drive  name> 

Specifies  the  drive  name. 

<data  source> 

Specifies  the  data  source. 

enumwims 

Enumerates  backing  WIM  files. 

queryfile 

Queries  if  the  file  is  backed  by  WIM,  and  if  so,  displays  details 
about  the  WIM  file. 

<filename> 

Specifies  the  filename. 

removewim 

Removes  a  WIM  from  backing  files. 

Examples 

To  enumerate  the  files  for  drive  C:  from  data  source  0,  type: 

fsutil  wim  enumfiles  C:  0 


To  enumerate  backing  WIM  files  for  drive  C:,  type: 

fsutil  wim  enumwims  C: 


To  see  if  a  file  is  backed  by  WIM,  type: 

fsutil  wim  C:\Windows\Notepad.exe 


To  remove  the  WIM  from  backing  files  for  volume  C:  and  data  source  2,  type: 


fsutil  wim  removewims  C:  2 


Additional  references 

Command-Line  Syntax  Key 

Fsutil 


ftype 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  or  modifies  file  types  that  are  used  in  file  name  extension  associations.  If  used  without  an  assignment 
operator  (=),  ftype  displays  the  current  open  command  string  for  the  specified  file  type.  If  used  without 
parameters,  ftype  displays  the  file  types  that  have  open  command  strings  defined. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

ftype  [<FileType>[=[<OpenCommandString>] ] ] 


Parameters 


PARAMETER 

DESCRIPTION 

<FileType> 

Specifies  the  file  type  to  display  or  change. 

<OpenCommandString> 

Specifies  the  open  command  string  to  use  when  opening  files 
of  the  specified  file  type. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

The  following  table  describes  how  ftype  substitutes  variables  within  an  open  command  string: 

VARIABLE 

REPLACEMENT  VALUE 

%0  or  %1 

Gets  substituted  with  the  file  name  being  launched  through 
the  association. 

%* 

Gets  all  of  the  parameters. 

%2,  %3, ... 

Gets  the  first  parameter  (%2),  the  second  parameter  (%3),  and 

so  on. 

%~<N> 

Gets  all  of  the  remaining  parameters  starting  with  the  A/th 
parameter,  where  N  can  be  any  number  from  2  to  9. 

Examples 

To  display  the  current  file  types  that  have  open  command  strings  defined,  type: 

ftype 

To  display  the  current  open  command  string  for  the  txtfile  file  type,  type: 


ftype  txtfile 


This  command  produces  output  similar  to  the  following: 
txtfile=%SystemRoot%\system32\N0TEPAD. EXE  %1 


To  delete  the  open  command  string  for  a  file  type  called  Example,  type: 


ftype  example= 


To  associate  the  .pi  file  name  extension  with  the  PerlScript  file  type  and  enable  the  PerlScript  file  type  to  run 
PERL.EXE,  type  the  following  commands: 


assoc  . pl=PerlScript 

ftype  PerlScript=perl.exe  %1  %* 


To  eliminate  the  need  to  type  the  .pi  file  name  extension  when  invoking  a  Perl  script,  type: 

set  PATHEXT=.pl;%PATHEXT% 

Additional  references 

Command-Line  Syntax  Key 


fveupdate 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


FveUpdate  is  an  internally  used  tool  that  is  run  by  setup  when  a  computer  is  upgraded  from  Windows  Vista  or 
Windows  Server  2008  to  Windows  7  or  Windows  Server  2008  R2.  It  updates  the  metadata  associated  with 
BitLocker  to  the  latest  version.  This  tool  cannot  be  run  independently. 


getmac 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Returns  the  media  access  control  (MAC)  address  and  list  of  network  protocols  associated  with  each  address  for  all 
network  cards  in  each  computer,  either  locally  or  across  a  network. 


Syntax 


getmac [ .exe] [/s  <computer>  [/u  <Domain\<User>  [/p  <Password>] ] ] [/fo  {TABLE  |  list  |  CSV}] [/nh] [/v] 

Parameters 

PARAMETER 

DESCRIPTION 

/S 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  \ 

Runs  the  command  with  the  account  permissions  of  the  user 
specified  by  User  or  Domain\User.  The  default  is  the 
permissions  of  the  current  logged  on  user  on  the  computer 
issuing  the  command. 

/p 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/fo  {  TABLE  I  list]  CSV) 

Specifies  the  format  to  use  for  the  query  output.  Valid  values 
are  TABLE,  list,  and  CSV.  The  default  format  for  output  is 

TABLE 

/nh 

Suppresses  column  header  in  output.  Valid  when  the  /fo 
parameter  is  set  to  TABLE  or  CSV. 

/v 

Specifies  that  the  output  display  verbose  information. 

/? 

remarks 

getmac  can  be  useful  either  when  you  want  to  enter  the  MAC  address  into  a  network  analyzer  or  when  you  need 
to  know  what  protocols  are  currently  in  use  on  each  network  adapter  in  a  computer. 

Examples 

The  following  examples  show  how  you 

can  use  the  getmac  command: 

getmac  /fo  table  /nh  /v 

getmac  /s  srvmain 


getmac  /s  srvmain  /u  maindom\hiropln 


getmac  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23 


getmac  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /fo  list  /v 


getmac  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /fo  table  /nh 


additional  references 

•  Command-Line  Syntax  Key 


gettype 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Gettype  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003  .  For  more  information  see  Gettype. 


goto 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Directs  cmd.exe  to  a  labeled  line  in  a  batch  program.  Within  a  batch  program,  goto  directs  command  processing  to 
a  line  that  is  identified  by  a  label.  When  the  label  is  found,  processing  continues  starting  with  the  commands  that 
begin  on  the  next  line. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

goto  <Label> 


Parameters 

PARAMETER  DESCRIPTION 

<Label>  Specifies  a  text  string  that  is  used  as  a  label  in  the  batch 

program. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Working  with  command  extensions 

If  command  extensions  are  enabled  (the  default),  and  you  use  the  goto  command  with  a  target  label  of 
:EOF,  you  transfer  control  to  the  end  of  the  current  batch  script  file  and  exit  the  batch  script  file  without 
defining  a  label.  When  you  use  goto  with  the  :EOF  label,  you  must  insert  a  colon  before  the  label.  For 
example: 

goto: EOF 

•  Using  valid  Label  values 

You  can  use  spaces  in  the  Label  parameter,  but  you  cannot  include  other  separators  (for  example, 
semicolons  or  equal  signs). 

•  Matching  Label  with  the  label  in  the  batch  program 

The  Label  value  that  you  specify  must  match  a  label  in  the  batch  program.  The  label  within  the  batch 
program  must  begin  with  a  colon  (:).  If  a  line  begins  with  a  colon,  it  is  treated  as  a  label  and  any  commands 
on  that  line  are  ignored.  If  your  batch  program  does  not  contain  the  label  that  you  specify  in  Label,  the  batch 
program  stops  and  displays  the  following  message: 

Label  not  found 


•  Using  goto  for  conditional  operations 


You  can  use  goto  with  other  commands  to  perform  conditional  operations.  For  more  information  about 
using  goto  for  conditional  operations,  see  the  If  command  reference. 

Examples 

The  following  batch  program  formats  a  disk  in  drive  A  as  a  system  disk.  If  the  operation  is  successful,  the  goto 
command  directs  processing  to  the  :end  label: 

echo  off 
format  a:  /s 

if  not  errorlevel  1  goto  end 

echo  An  error  occurred  during  formatting. 

:end 

echo  End  of  batch  program. 

Additional  references 

Command-Line  Syntax  Key 

Cmd 

If 


gpfixup 

4/13/2018  •  2  min  to  read  •  Edit  Online 

Fix  domain  name  dependencies  in  Group  Policy  Objects  and  Group  Policy  links  after  a  domain  rename  operation. 

For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

Gpfixup  [/v] 

[/olddns : <OLDDNSNAME>  /newdns : <NEWDNSNAME>] 

[/oldnb : <OLDFLATNAME>  /newnb : <NEWFLATNAME>] 

[/dc : <DCNAME>]  [/sionly] 

[/user : <USERNAME>  [/pwd : {<PASSW0RD> | *}] ]  [/?] 

Parameters 

PARAMETER 

DESCRIPTION 

/V 

Displays  detailed  status  messages. 

If  this  parameter  is  not  used,  only  error  messages  or  a 
summary  status  message  of  SUCCESS  or  FAILURE  appears. 

/olddns:  <OLDDNSNAME> 

Specifies  the  old  DNS  name  of  the  renamed  domain  as 
<OLDDNSNAME>  when  the  domain  rename  operation 
changes  the  DNS  name  of  a  domain.  You  can  use  this 
parameter  only  if  you  also  use  the  /newdns  parameter  to 
specify  a  new  domain  DNS  name. 

/newdns:<NEWDNSNAME> 

Specifies  the  new  DNS  name  of  the  renamed  domain  as 
<NEWDNSNAME>  when  the  domain  rename  operation 
changes  the  DNS  name  of  a  domain.  You  can  use  this 
parameter  only  if  you  also  use  the  /olddns  parameter  to 
specify  the  old  domain  DNS  name. 

/oldnb:  <OLDFLATNAME> 

Specifies  the  old  NetBIOS  name  of  the  renamed  domain  as 
<OLDFLATNAME>  when  the  domain  rename  operation 
changes  the  NetBIOS  name  of  a  domain.  You  can  use  this 
parameter  only  if  you  use  the  /newnb  parameter  to  specify  a 
new  domain  NetBIOS  name. 

/newn  b:  <  N  EWF  L  ATNAM  E  > 

Specifies  the  new  NetBIOS  name  of  the  renamed  domain  as 
<NEWFLATNAME>  when  the  domain  rename  operation 
changes  the  NetBIOS  name  of  a  domain.  You  can  use  this 
parameter  only  if  you  use  the  /oldnb  parameter  to  specify  the 
old  domain  NetBIOS  name. 

PARAMETER 


DESCRIPTION 


/dc:<DCNAME>  Connect  to  the  domain  controller  named  <DCNAME>  (a  DNS 

name  or  a  NetBIOS  name).  <DCNAME>  must  host  a  writable 
replica  of  the  domain  directory  partition  as  indicated  by  one  of 
the  following: 

-  The  DNS  name  <NEWDNSNAME>  by  using  /newdns 

-  The  NetBIOS  name  <NEWFLATNAME>  by  using  /newnb 

If  this  parameter  is  not  used,  connect  to  any  domain  controller 
in  the  renamed  domain  indicated  by  <NEWDNSNAME>  or 
<NEWFLATNAME>. 


/sionly  Performs  only  the  Group  Policy  fix  that  relates  to  managed 

software  installation  (the  Software  Installation  extension  for 
Group  Policy).  Skip  the  actions  that  fix  Group  Policy  links  and 
the  SYSVOL  paths  in  GPOs. 


/user:<USERNAME>  Runs  this  command  in  the  security  context  of  the  user 

<  USERNAME>,  where  <  USERNAME>  is  in  the  format 
domain\user. 

If  this  parameter  is  not  used,  runs  this  command  as  the 
logged  in  user. 


/pwd:{<  PASSWORD>  *} 

/?  Displays  Help  at  the  command  prompt. 

Remarks 

•  The  gpfixup  command  is  available  in  Windows  Server  2008  R2  and  Windows  Server  2008,  except  on  Server 
Core  installations. 

•  Although  the  Group  Policy  Management  Console  (GPMC)  is  distributed  with  Windows  Server  2008  R2  and 
Windows  Server  2008,  you  must  install  Group  Policy  Management  as  a  feature  through  Server  Manager. 

Examples 

This  example  assumes  that  you  have  already  performed  a  domain  rename  operation  in  which  you  changed  the 
DNS  name  from  MyOldDnsName  to  MyNewDnsName,  and  the  NetBIOS  name  from  MyOld  NetBIOS  Name 
to  MyNewNetBIOSName.  In  this  example,  you  use  the  gpfixup  command  to  connect  to  the  domain  controller 
named  MyDcDnsName  and  repair  GPOs  and  Group  Policy  links  by  updating  the  old  domain  name  embedded  in 
the  GPOs  and  links.  Status  and  error  output  is  saved  to  a  file  that  is  named  gpfixup.log. 

gpfixup  /olddns:  MyOldDnsName  /newdns :MyNewOnsName  /oldnb :My01dNetBI0SName  /newnb : MyNewNetBIOSName 
/dc :MyDcDnsName  2>&1  >gpfixup.log 

This  example  is  the  same  as  the  previous  one,  except  that  it  assumes  the  NetBIOS  name  of  the  domain  was  not 
changed  during  the  domain  rename  operation. 

gpfixup  /olddns:  MyOldDnsName  /newdns :MyNewDnsName  /dc :MyDcDnsName  2>&1  >gpfixup.log 

Additional  references 

•  Administering  Active  Directory  Domain  Rename 

•  Group  Policy  TechCenter 

•  Command-Line  Syntax  Key 


g  presuit 

1 0/24/2017  •  3  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  the  Resultant  Set  of  Policy  (RSoP)  information  for  a  remote  user  and  computer.  To  use  RSoP  reporting  for 
remotely  targeted  computers  through  the  firewall,  you  must  have  firewall  rules  that  enable  inbound  network  traffic 
on  the  ports. 

Syntax 

gpresult  [/s  <compUTER>  [/u  <USERNAME>  [/p  [<PASSW0nd>] ] ] ]  [/user  [<TARGETDOMAIN>\]<TARGETUSER>]  [/scope  {user 
|  computer}]  {/r  |  /v  |  /z  |  [/x  |  /h]  <FILENAME>  [/f]  |  /?} 

Parameters 


NOTE 

Except  when  you  use  /?,  you  must  include  an  output  option,  either  /r,  /v,  /z,  /x,  or  /h. 


PARAMETER 

DESCRIPTION 

/S 

Specifies  the  name  or  IP  address  of  a  remote  computer.  Do  not 
use  backslashes.  The  default  is  the  local  computer. 

/U 

Uses  the  credentials  of  the  specified  user  to  run  the  command. 
The  default  user  is  the  user  who  is  logged  on  to  the  computer 
that  issues  the  command. 

/pO 

Specifies  the  password  of  the  user  account  that  is  provided  in 
the  /u  parameter.  If /p  is  omitted,  gpresult  prompts  for  the 
password,  /p  cannot  be  used  with  /x  or  /h. 

/user  N 

Specifies  the  remote  user  whose  RSoP  data  is  to  be  displayed. 

/scope  {user  |  computer) 

Displays  RSoP  data  for  either  the  user  or  the  computer.  If 
/scope  is  omitted,  gpresult  displays  RSoP  data  for  both  the 
user  and  the  computer. 

[/x  |  /h] 

Saves  the  report  in  either  XML  (/x)  or  HTML  (/h)  format  at  the 
location  and  with  the  file  name  that  is  specified  by  the 

FILENAME  parameter.  Cannot  be  used  with  /u,  /p,  /r,  /v,  or  /z. 

/f 

forces  gpresult  to  overwrite  the  file  name  that  is  specified  in 
the  /x  or  /h  option. 

/r 

Displays  RSoP  summary  data. 

PARAMETER 

DESCRIPTION 

/V 

Displays  verbose  policy  information.  This  includes  detailed 
settings  that  were  applied  with  a  precedence  of  1 . 

/Z 

Displays  all  available  information  about  Group  Policy.  This 
includes  detailed  settings  that  were  applied  with  a  precedence 
of  1  and  higher. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  Group  Policy  is  the  primary  administrative  tool  for  defining  and  controlling  how  programs,  network  resources, 
and  the  operating  system  operate  for  users  and  computers  in  an  organization.  In  an  active  directory 
environment,  Group  Policy  is  applied  to  users  or  computers  based  on  their  membership  in  sites,  domains,  or 
organizational  units. 

•  Because  you  can  apply  overlapping  policy  settings  to  any  computer  or  user,  the  Group  Policy  feature  generates 
a  resulting  set  of  policy  settings  when  the  user  logs  on.  gpresult  displays  the  resulting  set  of  policy  settings  that 
were  enforced  on  the  computer  for  the  specified  user  when  the  user  logged  on. 

•  Because  /v  and  /z  produce  lots  of  information,  it  is  useful  to  redirect  output  to  a  text  file  (for  example, 

gpresult/z  >policy.txt). 

•  The  gpresult  command  is  available  in  Windows  Server  201 2  ,  Windows  Server  2008  R2,  Windows 
Server2008,  Windows  8,  Windows  7,  and  Windows  Vista.  ##  Examples  The  following  example  retrieves  RSoP 
data  for  the  remote  user  targetusername  of  the  computer  srvmain,  and  displays  RSoP  data  about  the  user 
only.  The  command  is  run  with  the  credentials  of  the  user  maindom\hiropln,  and  p@ssW23  is  entered  as  the 
password  for  that  user,  gpresult  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /user  targetusername  /scope  user  /r 
The  following  example  saves  all  available  information  about  Group  Policy  for  the  remote  user  targetusername 
of  the  computer  srvmain  to  a  file  that  is  named  policy.txt.  No  data  is  included  about  the  computer.  The 
command  is  run  with  the  credentials  of  the  user  maindom\hiropln,  and  p@ssW23  is  entered  as  the  password 
for  that  user,  gpresult  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /user  targetusername  /z  >  policy.txt  The 
following  example  displays  RSoP  data  for  the  computer  srvmain  and  the  logged-on  user.  Data  is  included 
about  both  the  user  and  the  computer.  The  command  is  run  with  the  credentials  of  the  user  maindom\hiropln, 
and  p@ssW23  is  entered  as  the  password  for  that  user,  gpresult  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /r 
##  additional  references 

•  Group  Policy  TechCenter 


•  Command-Line  Syntax  Key 


gpupdate 

4/1 3/2018  *1  min  to  read  •  Edit  Online 


Updates  Group  Policy  settings.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 


gpupdate  [/target: {Computer 

1  User}]  [/force]  [/wait : <VALUE>]  [/logoff]  [/boot]  [/sync]  [/?] 

Parameters 


PARAMETER 

DESCRIPTION 

/target:{Computer 

User} 

/force 

Reapplies  all  policy  settings.  By  default,  only  policy  settings 
that  have  changed  are  applied. 

/wait:<VALUE> 

Sets  the  number  of  seconds  to  wait  for  policy  processing  to 
finish  before  returning  to  the  command  prompt.  When  the 
time  limit  is  exceeded,  the  command  prompt  appears,  but 
policy  processing  continues.  The  default  value  is  600  seconds. 
The  value  0  means  not  to  wait.  The  value  -1  means  to  wait 
indefinitely. 

In  a  script,  by  using  this  command  with  a  time  limit  specified, 
you  can  run  gpupdate  and  continue  with  commands  that  do 
not  depend  upon  the  completion  of  gpupdate.  Alternatively, 
you  can  use  this  command  with  no  time  limit  specified  to  let 
gpupdate  finish  running  before  other  commands  that 
depend  on  it  are  run. 

/logoff 

Causes  a  logoff  after  the  Group  Policy  settings  are  updated. 
This  is  required  for  those  Group  Policy  client-side  extensions 
that  do  not  process  policy  on  a  background  update  cycle  but 
do  process  policy  when  a  user  logs  on.  Examples  include  user- 
targeted  Software  Installation  and  Folder  Redirection.  This 
option  has  no  effect  if  there  are  no  extensions  called  that 
require  a  logoff. 

/boot 

Causes  a  computer  restart  after  the  Group  Policy  settings  are 
applied.  This  is  required  for  those  Group  Policy  client-side 
extensions  that  do  not  process  policy  on  a  background 
update  cycle  but  do  process  policy  at  computer  startup. 
Examples  include  computer-targeted  Software  Installation. 

This  option  has  no  effect  if  there  are  no  extensions  called  that 
require  a  restart. 

/sync 

Causes  the  next  foreground  policy  application  to  be  done 
synchronously.  Foreground  policy  is  applied  at  computer  boot 

and  user  logon.  You  can  specify  this  for  the  user,  computer,  or 
both,  by  using  the  /target  parameter.  The  /force  and  /wait 
parameters  are  ignored  if  you  specify  them. 


PARAMETER 


DESCRIPTION 


/?  Displays  Help  at  the  command  prompt. 

Remarks 

•  The  gpupdate  command  is  available  in  Windows  Server  2008  R2,  Windows  Server  2008,  Windows  7 
Ultimate,  Windows  7  Professional,  Windows  Vista  Ultimate,  Windows  Vista  Enterprise,  and  Windows  Vista 
Business. 

Examples 

Force  a  background  update  of  all  Group  Policy  settings,  regardless  of  whether  they  have  changed, 
gpupdate  /force 

Additional  references 

•  Group  Policy  TechCenter 

•  Command-Line  Syntax  Key 


graftabl 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Enables  Windows  operating  systems  to  display  an  extended  character  set  in  graphics  mode.  If  used  without 
parameters,  graftabl  displays  the  previous  and  the  current  code  page. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

graftabl  <CodePage> 
graftabl  /status 


Parameters 

PARAMETER  DESCRIPTION 

<CodePage>  Specifies  a  code  page  to  define  the  appearance  of  extended 

characters  in  graphics  mode. 

Valid  code  page  identification  numbers  are: 

437:  United  States 
850:  Multilingual  (Latin  I) 

852:  Slavic  (Latin  II) 

855:  Cyrillic  (Russian) 

857:  Turkish 

860:  Portuguese 

861:  Icelandic 

863:  Canadian-French 

865:  Nordic 

866:  Russian 

869:  Modern  Greek 


/status  Displays  the  current  code  page  that  graftabl  is  using. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Graftabl  affects  only  the  monitor  display  of  extended  characters  of  the  code  page  that  you  specify.  It  does  not 
change  the  actual  console  input  code  page.  To  change  the  console  input  code  page,  use  the  mode  or  chcp 
command. 

•  The  following  table  lists  each  exit  code  and  a  brief  description  of  it. 

| Exit  code|Description|  |- . -| . |  |0|Character  set  was  loaded  successfully.  No  previous  code  page  was 

loaded.]  |1  |An  incorrect  parameter  was  specified.  No  action  was  taken. |  |2|A  file  error  occurred. | 

•  You  can  use  the  ERRORLEVEL  environment  variable  in  a  batch  program  to  process  exit  codes  that  are  returned 

by  graftabl. 

Examples 


To  view  the  current  code  page  used  by  graftabl,  type: 


graftabl  /status 

To  load  the  graphics  character  set  for  code  page  437  (United  States)  into  memory,  type: 

graftabl  437 

To  load  the  graphics  character  set  for  code  page  850  (multilingual)  into  memory,  type: 

graftabl  850 

Additional  references 

Command-Line  Syntax  Key 

Freedisk 

Chcp 


help 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Provides  online  information  about  system  commands  (that  is,  non-network  commands).  If  used  without 
parameters,  help  lists  and  briefly  describes  every  system  command. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

help  [<Command>] 

[<Command>]  /? 


Parameters 

PARAMETER  DESCRIPTION 


<Command> 


Specifies  the  name  of  the  command  that  you  want  information 
about. 


Examples 

To  view  information  about  the  robocopy  command,  type  either  of  the  following: 

help  robocopy 
robocopy  /? 

Additional  references 

Command-Line  Syntax  Key 


helpctr 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Helpctr  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003  .  For  more  information  see  Helpctr. 


hostname 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  the  host  name  portion  of  the  full  computer  name  of  the  computer. 

Syntax 

hostname 

Parameters 

PARAMETER  DESCRIPTION 

/?  Displays  help  at  the  command  prompt. 

remarks 

This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in  the 
properties  of  a  network  adapter  in  Network. 

Examples 

To  display  the  name  of  the  computer,  type: 

hostname 


additional  references 


•  Command-Line  Syntax  Key 


icacls 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Displays  or  modifies  discretionary  access  control  lists  (DACLs)  on  specified  files,  and  applies  stored  DACLs  to  files 
in  specified  directories. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

icacls  <FileName>  [/grant[:r]  <Sid> : <Perm>[ . . . ] ]  [/deny  <Sid>: <Perm>[ . . . ] ]  [/nemove[ :g | :d] ]  <Sid > [...]]  [/t] 
[/c]  [ /I ]  [/q]  [/setintegritylevel  <Level> : <Policy>[ . . . ] ] 

icacls  <Directory>  [/substitute  <Sid01d>  <SidNew>  [...]]  [/restore  <ACLfile>  [/c]  [ /I ]  [ /q ] ] 


Parameters 

PARAMETER  DESCRIPTION 


<FileName> 

Specifies  the  file  for  which  to  display  DACLs. 

<Directory> 

Specifies  the  directory  for  which  to  display  DACLs. 

/t 

Performs  the  operation  on  all  specified  files  in  the  current 
directory  and  its  subdirectories. 

/C 

Continues  the  operation  despite  any  file  errors.  Error 
messages  will  still  be  displayed. 

/I 

Performs  the  operation  on  a  symbolic  link  versus  its 
destination. 

/q 

Suppresses  success  messages. 

[/save  <ACLfile>  [/t]  [/c]  [/I]  [/q]] 

Stores  DACLs  for  all  matching  files  into  ACLfile  for  later  use 
with  /restore. 

[/setowner  <Username>  [/t]  [/c]  [/I]  [/q]] 

Changes  the  owner  of  all  matching  files  to  the  specified  user. 

[/findSID  <Sid>  [/t]  [/c]  [/I]  [/q]] 

Finds  all  matching  files  that  contain  a  DACL  explicitly 
mentioning  the  specified  security  identifier  (SID). 

[/verify  [/t]  [/c]  [/I]  [/q]] 

Finds  all  files  with  ACLs  that  are  not  canonical  or  have  lengths 
inconsistent  with  ACE  (access  control  entry)  counts. 

[/reset  [/t]  [/c]  [/I]  [/q]] 

Replaces  ACLs  with  default  inherited  ACLs  for  all  matching 
files. 

PARAMETER 


DESCRIPTION 


[/grant[:r]  <  Sid >:[...]] 

Grants  specified  user  access  rights.  Permissions  replace 
previously  granted  explicit  permissions. 

Without  :r,  permissions  are  added  to  any  previously  granted 
explicit  permissions. 

[/deny  <  Sid  > :[...]] 

Explicitly  denies  specified  user  access  rights.  An  explicit  deny 
ACE  is  added  for  the  stated  permissions  and  the  same 
permissions  in  any  explicit  grant  are  removed. 

[/remove[:g 

:d]]  <  Sid  >[...]]  [/t]  [/c]  [/I]  t/q] 

[/setintegritylevel  [(CI)(OI)l <  Level> :[...]] 

Explicitly  adds  an  integrity  ACE  to  all  matching  files.  Level  is 
specified  as: 

-  L[ow] 

-  M[edium] 

-  H[igh] 

Inheritance  options  for  the  integrity  ACE  may  precede  the 
level  and  are  applied  only  to  directories. 

[/substitute  < SidOld >  [...]] 

Replaces  an  existing  SID  ( SidOld )  with  a  new  SID  {SidNew). 
Requires  the  Directory  parameter. 

/restore  <ACLfile>  [/c]  [/I]  [/q] 


Applies  stored  DACLs  from  ACLfile  to  files  in  the  specified 
directory.  Requires  the  Directory  parameter. 


Remarks 

•  SIDs  may  be  in  either  numerical  or  friendly  name  form.  If  you  use  a  numerical  form,  affix  the  wildcard  character 
*  to  the  beginning  of  the  S I D. 

•  icacls  preserves  the  canonical  order  of  AC  E  entries  as: 
o  Explicit  denials 

o  Explicit  grants 
o  Inherited  denials 
o  Inherited  grants 

•  Perm  is  a  permission  mask  that  can  be  specified  in  one  of  the  following  forms: 
o  A  sequence  of  simple  rights: 

F  (full  access) 

M  (modify  access) 

RX  (read  and  execute  access) 

R  (read-only  access) 

W  (write-only  access) 

o  A  comma-separated  list  in  parenthesis  of  specific  rights: 

D  (delete) 

RC  (read  control) 


WDAC  (write  DAC) 


WO  (write  owner) 


S  (synchronize) 

AS  (access  system  security) 

MA  (maximum  allowed) 

GR  (generic  read) 

GW  (generic  write) 

GE  (generic  execute) 

GA  (generic  all) 

RD  (read  data/list  directory) 

WD  (write  data/add  file) 

AD  (append  data/add  subdirectory) 

REA  (read  extended  attributes) 

WEA  (write  extended  attributes) 

X  (execute/traverse) 

DC  (delete  child) 

RA  (read  attributes) 

WA  (write  attributes) 

•  Inheritance  rights  may  precede  either  Perm  form,  and  they  are  applied  only  to  directories: 

(01):  object  inherit 

(Cl):  container  inherit 

(10):  inherit  only 

(NP):  do  not  propagate  inherit 

Examples 

To  save  the  DACLs  for  all  files  in  the  C:\Windows  directory  and  its  subdirectories  to  the  ACLFile  file,  type: 

icacls  c:\windows\*  /save  aclfile  /t 

To  restore  the  DACLs  for  every  file  within  ACLFile  that  exists  in  the  C:\Windows  directory  and  its  subdirectories, 

type: 

icacls  c:\windows\  /restore  aclfile 

To  grant  the  user  Userl  Delete  and  Write  DAC  permissions  to  a  file  named  "Testl ",  type: 
icacls  testl  /grant  Userl: (d,wdac) 

To  grant  the  user  defined  by  SID  S-1-1-0  Delete  and  Write  DAC  permissions  to  a  file,  named  "Test2",  type: 


icacls  test2  /grant  *S-l-l-0: (d,wdac) 


Additional  references 

Command-Line  Syntax  Key 


if 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Performs  conditional  processing  in  batch  programs. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

if  [not]  ERRORLEVEL  <Number>  <Command>  [else  <Expression>] 
if  [not]  <Stringl>==<String2>  <Command>  [else  <Expression>] 
if  [not]  exist  <FileName>  <Command>  [else  <Expression>] 


if  command  extensions  are  enabled,  use  the  following  syntax: 


if  [/i]  <Stringl>  <CompareOp>  <Stning2>  <Command>  [else 
if  cmdextvension  <Number>  <Command>  [else  <Expression>] 
if  defined  <Variable>  <Command>  [else  <Expression>] 

<Expression>] 

Parameters 

PARAMETER 

DESCRIPTION 

not 

Specifies  that  the  command  should  be  carried  out  only  if  the 
condition  is  false. 

errorlevel  <Number> 

Specifies  a  true  condition  only  if  the  previous  program  run  by 
Cmd.exe  returned  an  exit  code  equal  to  or  greater  than 

Number. 

<Command> 

Specifies  the  command  that  should  be  carried  out  if  the 
preceding  condition  is  met. 

<  Stringl  >  =  = 

Specifies  a  true  condition  only  if  String  1  and  String2  are  the 
same.  These  values  can  be  literal  strings  or  batch  variables  (for 
example,  %1).  You  do  not  need  to  enclose  literal  strings  in 
quotation  marks. 

exist  <FileName> 

Specifies  a  true  condition  if  the  specified  file  name  exists. 

<CompareOp> 

Specifies  a  three-letter  comparison  operator.  The  following  list 
represents  valid  values  for  CompareOp: 

EQU  Equal  to 

NEQ  Not  equal  to 

LSS  Less  than 

LEQ  Less  than  or  equal  to 

GTR  Greater  than 

GEQ  Greater  than  or  equal  to 

PARAMETER 


DESCRIPTION 


/i  Forces  string  comparisons  to  ignore  case.  You  can  use  /i  on 

the  String  7  =  =String2  form  of  if.  These  comparisons  are 
generic,  in  that  if  both  String  7  and  String2  are  comprised  of 
numeric  digits  only,  the  strings  are  converted  to  numbers  and 
a  numeric  comparison  is  performed. 


cmdextversion  <Number>  Specifies  a  true  condition  only  if  the  internal  version  number 

associated  with  the  command  extensions  feature  of  Cmd.exe 
is  equal  to  or  greater  than  the  number  specified.  The  first 
version  is  1.  It  increases  by  increments  of  one  when  significant 
enhancements  are  added  to  the  command  extensions.  The 
cmdextversion  conditional  is  never  true  when  command 
extensions  are  disabled  (by  default,  command  extensions  are 
enabled). 


defined  <Variable>  Specifies  a  true  condition  if  Variable  is  defined. 

<Expression>  Specifies  a  command-line  command  and  any  parameters  to 

be  passed  to  the  command  in  an  else  clause. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  If  the  condition  specified  in  an  if  clause  is  true,  the  command  that  follows  the  condition  is  carried  out.  If  the 
condition  is  false,  the  command  in  the  if  clause  is  ignored  and  the  command  executes  any  command  that  is 
specified  in  the  else  clause. 

•  When  a  program  stops,  it  returns  an  exit  code.  To  use  exit  codes  as  conditions,  use  errorlevel. 

•  If  you  use  defined,  the  following  three  variables  are  added  to  the  environment:  %errorlevel%, 
%cmdcmdline%,  and  %cmdextversion%. 

o  %errorlevel%  expands  into  a  string  representation  of  the  current  value  of  the  ERRORLEVEL 

environment  variable.  This  assumes  that  there  is  not  an  existing  environment  variable  with  the  name 
ERRORLEVEL — if  there  is,  you  will  get  that  ERRORLEVEL  value  instead, 
o  %cmdcmdline%  expands  into  the  original  command  line  that  was  passed  to  Cmd.exe  prior  to  any 
processing  by  Cmd.exe.  This  assumes  that  there  is  not  an  existing  environment  variable  with  the  name 
CMDCMDLINE — if  there  is,  you  will  get  the  CMDCMDLINE  value  instead, 
o  %cmdextversion%  expands  into  the  string  representation  of  the  current  value  of  cmdextversion.  This 
assumes  that  there  is  not  an  existing  environment  variable  with  the  name  CMDEXTVERSION — if  there 
is,  you  will  get  the  CMDEXTVERSION  value  instead. 

•  You  must  use  the  else  clause  on  the  same  line  as  the  command  after  the  if. 

Examples 

To  display  the  message  "Cannot  find  data  file"  if  the  file  Product.dat  cannot  be  found,  type: 

if  not  exist  product.dat  echo  Cannot  find  data  file 

To  format  a  disk  in  drive  A  and  display  an  error  message  if  an  error  occurs  during  the  formatting  process,  type  the 

following  lines  in  a  batch  file: 


: begin 
@echo  off 
format  a:  /s 

if  not  errorlevel  1  goto  end 

echo  An  error  occurred  during  formatting. 

:  end 

echo  End  of  batch  program. 


To  delete  the  file  Product.dat  from  the  current  directory  or  display  a  message  if  Product.dat  is  not  found,  type  the 
following  lines  in  a  batch  file: 


IF  EXIST  Product.dat  ( 
del  Product.dat 
)  ELSE  ( 

echo  The  Product.dat  file  is  missing. 

) 


Additional  references 

Command-Line  Syntax  Key 

If 


Goto 


inuse 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Inuse  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003  .  For  more  information  see  Inuse. 


ipconfig 

4/13/2018  •  4  min  to  read  •  Edit  Online 

Displays  all  current  TCP/IP  network  configuration  values  and  refreshes  Dynamic  Host  Configuration  Protocol 
(DHCP)  and  Domain  Name  System  (DNS)  settings.  Used  without  parameters,  ipconfig  displays  Internet  Protocol 
version  4  (IPv4)  and  IPv6  addresses,  subnet  mask,  and  default  gateway  for  all  adapters. 

Syntax 

ipconfig  [/allcompartments]  [/all]  [/renew  [<Adapter>]]  [/release  [<Adapter>]]  [/renew6[<Adapter>] ]  [/release6 
[<Adapter>]]  [/flushdns]  [/displaydns]  [/registerdns]  [/showclassid  <Adapter>]  [/setclassid  <Adapter> 

[<ClassID>] ] 

Parameters 

PARAMETER 

DESCRIPTION 

/all 

Displays  the  full  TCP/IP  configuration  for  all  adapters.  Adapters 
can  represent  physical  interfaces,  such  as  installed  network 
adapters,  or  logical  interfaces,  such  as  dial-up  connections. 

/allcompartments 

Displays  the  full  TCP/IP  configuration  for  all  compartments. 

/displaydns 

Displays  the  contents  of  the  DNS  client  resolver  cache,  which 
includes  both  entries  preloaded  from  the  local  Hosts  file  and 
any  recently  obtained  resource  records  for  name  queries 
resolved  by  the  computer.  The  DNS  Client  service  uses  this 
information  to  resolve  frequently  queried  names  quickly, 
before  querying  its  configured  DNS  servers. 

/flushdns 

Flushes  and  resets  the  contents  of  the  DNS  client  resolver 
cache.  During  DNS  troubleshooting,  you  can  use  this 
procedure  to  discard  negative  cache  entries  from  the  cache,  as 
well  as  any  other  entries  that  have  been  added  dynamically. 

/registerdns 

Initiates  manual  dynamic  registration  for  the  DNS  names  and 

IP  addresses  that  are  configured  at  a  computer.  You  can  use 
this  parameter  to  troubleshoot  a  failed  DNS  name  registration 
or  resolve  a  dynamic  update  problem  between  a  client  and  the 
DNS  server  without  rebooting  the  client  computer  The  DNS 
settings  in  the  advanced  properties  of  the  TCP/IP  protocol 
determine  which  names  are  registered  in  DNS. 

/release  [<Adapter>] 

Sends  a  DHCPRELEASE  message  to  the  DHCP  server  to 
release  the  current  DHCP  configuration  and  discard  the  IP 
address  configuration  for  either  all  adapters  (if  an  adapter  is 
not  specified)  or  for  a  specific  adapter  if  the  Adapter 
parameter  is  included.  This  parameter  disables  TCP/IP  for 
adapters  configured  to  obtain  an  IP  address  automatically.  To 
specify  an  adapter  name,  type  the  adapter  name  that  appears 
when  you  use  ipconfig  without  parameters. 

PARAMETER 


DESCRIPTION 


/release6[<Adapter>] 

Sends  a  DHCPRELEASE  message  to  the  DHCPv6  server  to 
release  the  current  DHCP  configuration  and  discard  the  IPv6 
address  configuration  for  either  all  adapters  (if  an  adapter  is 
not  specified)  or  for  a  specific  adapter  if  the  Adapter 
parameter  is  included.  This  parameter  disables  TCP/IP  for 
adapters  configured  to  obtain  an  IP  address  automatically.  To 
specify  an  adapter  name,  type  the  adapter  name  that  appears 
when  you  use  ipconfig  without  parameters. 

/renew  [<Adapter>] 

Renews  DHCP  configuration  for  all  adapters  (if  an  adapter  is 
not  specified)  or  for  a  specific  adapter  if  the  Adapter 
parameter  is  included.  This  parameter  is  available  only  on 
computers  with  adapters  that  are  configured  to  obtain  an  IP 
address  automatically.  To  specify  an  adapter  name,  type  the 
adapter  name  that  appears  when  you  use  ipconfig  without 
parameters. 

/renew6  [<Adapter>] 

Renews  DHCPv6  configuration  for  all  adapters  (if  an  adapter  is 
not  specified)  or  for  a  specific  adapter  if  the  Adapter 
parameter  is  included.  This  parameter  is  available  only  on 
computers  with  adapters  that  are  configured  to  obtain  an  IPv6 
address  automatically.  To  specify  an  adapter  name,  type  the 
adapter  name  that  appears  when  you  use  ipconfig  without 
parameters. 

/setclassid  <Adapter>[] 

Configures  the  DHCP  class  ID  for  a  specified  adapter.  To  set 
the  DHCP  class  ID  for  all  adapters,  use  the  asterisk  (*)  wildcard 
character  in  place  of  Adapter.  This  parameter  is  available  only 
on  computers  with  adapters  that  are  configured  to  obtain  an 

IP  address  automatically.  If  a  DHCP  class  ID  is  not  specified, 
the  current  class  ID  is  removed. 

/showclassid  <Adapter> 

Displays  the  DHCP  class  ID  for  a  specified  adapter.  To  see  the 
DHCP  class  ID  for  all  adapters,  use  the  asterisk  (*)  wildcard 
character  in  place  of  Adapter.  This  parameter  is  available  only 
on  computers  with  adapters  that  are  configured  to  obtain  an 

IP  address  automatically. 

/? 

Displays  Help  at  the  command  prompt. 

Remarks 

•  This  command  is  most  useful  on  computers  that  are  configured  to  obtain  an  IP  address  automatically.  This 
enables  users  to  determine  which  TCP/IP  configuration  values  have  been  configured  by  DHCP,  Automatic 
Private  IP  Addressing  (API PA),  or  an  alternate  configuration. 

•  If  the  name  you  supply  for  Adapter  contains  any  spaces,  use  quotation  marks  around  the  adapter  name 
(example:  "Adapter  Name"). 

•  For  adapter  names,  ipconfig  supports  the  use  of  the  asterisk  (*)  wildcard  character  to  specify  either  adapters 
with  names  that  begin  with  a  specified  string  or  adapters  with  names  that  contain  a  specified  string.  For 
example,  Local\*  matches  all  adapters  that  start  with  the  string  Local  and  *Con\*  matches  all  adapters  that 
contain  the  string  Con. 

Examples 

To  display  the  basic  TCP/IP  configuration  for  all  adapters,  type: 


ipconfig 


To  display  the  full  TCP/IP  configuration  for  all  adapters,  type: 
ipconfig  /all 


To  renew  a  DHCP-assigned  IP  address  configuration  for  only  the  Local  Area  Connection  adapter,  type: 


ipconfig  /renew  "Local  Area  Connection" 


To  flush  the  DNS  resolver  cache  when  troubleshooting  DNS  name  resolution  problems,  type: 
ipconfig  /flushdns 


To  display  the  DHCP  class  ID  for  all  adapters  with  names  that  start  with  Local,  type: 
ipconfig  /showclassid  Local* 


To  set  the  DHCP  class  ID  for  the  Local  Area  Connection  adapter  to  TEST,  type: 


ipconfig  /setclassid  "Local  Area  Connection"  TEST 


Additional  references 


•  Command-Line  Syntax  Key 


ipxroute 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Displays  and  modifies  information  about  the  routing  tables  used  by  the  IPX  protocol.  Used  without  parameters, 
ipxroute  displays  the  default  settings  for  packets  that  are  sent  to  unknown,  broadcast,  and  multicast  addresses. 

Syntax 

ipxroute  servers  [/type=X] 
ipxroute  ripout  <Network> 

ipxroute  resolve  {guid  |  name}  {GUID  |  <AdapterName>} 
ipxroute  board=  N  [def]  [gbr]  [mbr]  [remove=xxxxxxxxxxxx] 
ipxroute  config 


Parameters 

PARAMETER  DESCRIPTION 

servers!  /type=X]  Displays  the  Service  Access  Point  (SAP)  table  for  the  specified 

server  type.  X  must  be  an  integer.  For  example,  /type=4 
displays  all  file  servers.  If  you  do  not  specify /type,  ipxroute 
servers  displays  all  types  of  servers,  listing  them  by  server 
name. 


ripout  Network 

Discovers  if  Network  is  reachable  by  consulting  the  IPX  stack's 
route  table  and  sending  out  a  rip  request  if  necessary. 

Network  is  the  IPX  network  segment  number. 

resolve!  GUID|  name)  {  GUID|  AdapterName) 

Resolves  the  name  of  the  GUID  to  its  friendly  name,  or  the 
friendly  name  to  its  GUID. 

board=  N 

Specifies  the  network  adapter  for  which  to  query  or  set 
parameters. 

def 

Sends  packets  to  the  ALL  ROUTES  broadcast.  If  a  packet  is 
transmitted  to  a  unique  Media  Access  Card  (MAC)  address 
that  is  not  in  the  source  routing  table,  ipxroute  sends  the 
packet  to  the  SINGLE  ROUTES  broadcast  by  default. 

gbr 

Sends  packets  to  the  ALL  ROUTES  broadcast.  If  a  packet  is 
transmitted  to  the  broadcast  address  (FFFFFFFFFFFF), 
ipxroute  sends  the  packet  to  the  SINGLE  ROUTES  broadcast 
by  default. 

mbr 

Sends  packets  to  the  ALL  ROUTES  broadcast.  If  a  packet  is 
transmitted  to  a  multicast  address  (COOOxxxxxxxx),  ipxroute 
sends  the  packet  to  the  SINGLE  ROUTES  broadcast  by  default. 

PARAMETER 


DESCRIPTION 


remove=  xxxxxxxxxxxx 


removes  the  given  node  address  from  the  source  routing 
table. 


config 


Displays  information  about  all  of  the  bindings  for  which  IPX  is 
configured. 


/?  Displays  help  at  the  command  prompt. 

Examples 

To  display  the  network  segments  that  the  workstation  is  attached  to,  the  workstation  node  address,  and  frame  type 
being  used,  type: 

ipxnoute  config 


additional  references 

•  Command-Line  Syntax  Key 


irftp 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Sends  files  over  an  infrared  link. 

Syntax 

irftp  [<Drive>:\]  [[<path>]  <FileName>]  [/h]  [/s] 

Parameters 

PARAMETER  DESCRIPTION 

Drive:|Specifies  the  drive  that  contains  the  files  that  you  want 
to  send  over  an  infrared  link. 


[path]FileName  Specifies  the  location  and  name  of  the  file  or  set  of  files  that 

you  want  to  send  over  an  infrared  link.  If  you  specify  a  set  of 
files,  you  must  specify  the  full  path  for  each  file. 


/h 


Specifies  hidden  mode.  When  hidden  mode  is  used,  the  files 
are  sent  without  displaying  the  Wireless  Link  dialog  box. 


/s  Opens  the  Wireless  Link  dialog  box,  so  that  you  can  select  the 

file  or  set  of  files  that  you  want  to  send  without  using  the 
command  line  to  specify  the  drive,  path,  and  file  names. 


remarks 

•  Before  using  this  command,  verify  that  the  devices  that  you  want  to  communicate  over  an  infrared  link  have 
infrared  functionality  enabled  and  working  correctly,  and  that  an  infrared  link  is  established  between  the  devices. 

•  Used  without  parameters  or  used  with  /s,  irftp  opens  the  Wireless  Link  dialog  box,  where  you  can  select  the 
files  that  you  want  to  send  without  using  the  command  line. 

Examples 

Send  Example.txt  over  the  infrared  link. 

irftp  c:\example.txt 


additional  references 


•  Command-Line  Syntax  Key 


jetpack 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

compacts  a  Windows  Internet  Name  Service  (WINS)  or  Dynamic  Host  Configuration  Protocol  (DHCP)  database. 
Microsoft  recommends  that  you  compact  the  WINS  database  whenever  it  approaches  30  MB. 

Syntax 

jetpack.EXE  <database  name>  ctemp  database  name> 

Parameters 

PARAMETER  DESCRIPTION 


Specifies  the  original  database  file. 


Specifies  the  temporary  database  file. 


/?  Displays  help  at  the  command  prompt. 


Examples 

To  compact  the  WINS  database: 


cd  %SYSTEMR00T%\SYSTEM32\WINS 
NET  STOP  WINS 
jetpack  WINS.MDB  TMP.MDB 
NET  start  WINS 


To  compact  the  DHCP  database: 


cd  %SYSTEMR00T%\SYSTEM32\DHCP 
NET  STOP  DHCPSERver 
jetpack  DHCP.MDB  TMP.MDB 
NET  start  DHCPSERver 


In  the  examples  above,  Tmp.mdb  is  a  temporary  database  that  is  used  byjetpack.exe.  Wins.mdb  is  the  WINS 
database.  Dhcp.mdb  is  the  DHCP  database.jetpack.exe  compacts  the  WINS  or  DHCP  database  by  doing  the 
following: 


1 .  Copies  database  information  to  a  temporary  database  file  called  Tmp.mdb. 

2.  deletes  the  original  database  file,  Wins.mdb  or  Dhcp.mdb. 

3.  renames  the  temporary  database  files  to  the  original  filename. 


NOTE 

During  the  compact  process,  jetpack.exe  creates  a  temporary  file  with  the  name  that  is  specified  by  the  temp  database  name 
parameter.  The  temporary  file  is  removed  when  the  compact  process  is  complete.  Make  sure  you  do  not  have  a  file  already 
existing  in  WINS  or  DHCP  folder  with  the  same  name  as  the  one  specified  in  the  temp  database  name  parameter. 


additional  references 

•  Command-Line  Syntax  Key 


klist 

4/1 3/2018  •  5  min  to  read  •  Edit  Online 


Displays  a  list  of  currently  cached  Kerberos  tickets.  This  information  applies  to  Windows  Server  2012.  For 
examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

klist  [-lh  <LogonId.HighPart>]  [ - li  <LogonId . LowPart>]  tickets  |  tgt  |  purge  |  sessions  |  kcd_cache  |  get 


add_bind  | 

query_bind  |  purge_bind 

Parameters 


PARAMETER 

DESCRIPTION 

-lh 

Denotes  the  high  part  of  the  user's  locally  unique  identifier 
(LUID),  expressed  in  hexadecimal.  If  neither  -lh  or  -li  are 
present,  the  command  defaults  to  the  LUID  of  the  user  who  is 
currently  signed  in. 

-li 

Denotes  the  low  part  of  the  user's  locally  unique  identifier 
(LUID),  expressed  in  hexadecimal.  If  neither  -lh  or  -li  are 
present,  the  command  defaults  to  the  LUID  of  the  user  who  is 
currently  signed  in. 

tickets 

Lists  the  currently  cached  ticket-granting-tickets  (TGTs),  and 
service  tickets  of  the  specified  logon  session.  This  is  the 
default  option. 

tgt 

Displays  the  initial  Kerberos  TGT 

purge 

Allows  you  to  delete  all  the  tickets  of  the  specified  logon 
session. 

sessions 

Displays  a  list  of  logon  sessions  on  this  computer. 

kcd_cache 

Displays  the  Kerberos  constrained  delegation  cache 
information. 

get 

Allows  you  to  request  a  ticket  to  the  target  computer 
specified  by  the  service  principal  name  (SPN). 

add_bind 

Allows  you  to  specify  a  preferred  domain  controller  for 
Kerberos  authentication. 

query_bind 

Displays  a  list  of  cached  preferred  domain  controllers  for  each 
domain  that  Kerberos  has  contacted. 

purge_bind 

Removes  the  cached  preferred  domain  controllers  for  the 
domains  specified. 

PARAMETER 


DESCRIPTION 


kdcoptions  Displays  the  Key  Distribution  Center  (KDC)  options  specified 

RFC  4120. 

/?  Displays  Help  for  this  command. 

Remarks 

Membership  in  Domain  Admins,  or  equivalent,  is  the  minimum  required  to  run  all  the  parameters  of  this 
command. 

If  no  parameters  are  provided,  Klist  will  retrieve  all  the  tickets  for  the  currently  logged  on  user. 

The  parameters  display  the  following  information: 

•  tickets 

Lists  the  currently  cached  tickets  of  services  that  you  have  authenticated  to  since  logon.  Displays  the 
following  attributes  of  all  cached  tickets: 

o  LogonID: The  LUID 

o  Client:  The  concatenation  of  the  client  name  and  the  domain  name  of  the  client 
o  Server:  The  concatenation  of  the  service  name  and  the  domain  name  of  the  service 
o  KerbTicket  Encryption  Type:  The  encryption  type  that  is  used  to  encrypt  the  Kerberos  ticket 
o  Ticket  Flags:  The  Kerberos  ticket  flags 
o  Start  Time:  The  time  from  which  the  ticket  will  be  valid 

o  End  Time:  The  time  the  ticket  becomes  no  longer  valid.  When  a  ticket  is  past  this  time,  it  can  no  longer 
be  used  to  authenticate  to  a  service  or  be  used  for  renewal 
o  Renew  Time:  The  time  that  a  new  initial  authentication  is  required 
o  Session  Key  Type:  The  encryption  algorithm  that  is  used  for  the  session  key 

•  tgt 

Lists  the  initial  Kerberos  TGT  and  the  following  attributes  of  the  currently  cached  ticket: 

o  LogonID:  Identified  in  hexadecimal 
o  ServiceName:  krbtgt 
o  TargetName  <SPN>:  krbtgt 

o  DomainName:  Name  of  the  domain  that  issues  the  TGT 
o  TargetDomainName:  Domain  that  the  TGT  is  issued  to 
o  AltTargetDomainName:  Domain  that  the  TGT  is  issued  to 
o  Ticket  Flags:  Address  and  target  actions  and  type 
o  Session  Key:  Key  length  and  encryption  algorithm 
o  StartTime:  Local  computer  time  that  the  ticket  was  requested 

o  EndTime:  Time  the  ticket  becomes  no  longer  valid.  When  a  ticket  is  past  this  time,  it  can  no  longer  be 
used  to  authenticate  to  a  service, 
o  RenewUntil:  Deadline  for  ticket  renewal 

o  TimeS kew:  Time  difference  with  the  Key  Distribution  Center  (KDC) 
o  EncodedTicket:  Encoded  ticket 

•  purge 

Allows  you  to  delete  a  specific  ticket.  Purging  tickets  destroys  all  tickets  that  you  have  cached,  so  use  this 


attribute  with  caution.  It  might  stop  you  from  being  able  to  authenticate  to  resources.  If  this  happens,  you 
will  have  to  log  off  and  log  on  again. 

o  LogonID:  Identified  in  hexadecimal 

•  sessions 

Allows  you  to  list  and  display  the  information  for  all  logon  sessions  on  this  computer. 

o  Logonl  D:  If  specified,  displays  the  logon  session  only  by  the  given  value.  If  not  specified,  displays  all  the 
logon  sessions  on  this  computer. 

•  kcd  cache 

Allows  you  to  display  the  Kerberos  constrained  delegation  cache  information. 

o  Logonl  D:  If  specified,  displays  the  cache  information  for  the  logon  session  by  the  given  value.  If  not 
specified,  displays  the  cache  information  for  the  current  user's  logon  session. 

•  get 

Allows  you  to  request  a  ticket  to  the  target  that  is  specified  by  the  SPN. 

o  Logonl  D:  If  specified,  requests  a  ticket  by  using  the  logon  session  by  the  given  value.  If  not  specified, 
requests  a  ticket  by  using  the  current  user's  logon  session, 
o  kdcoptions:  Requests  a  ticket  with  the  given  KDC  options 

•  add  bind 

Allows  you  to  specify  a  preferred  domain  controller  for  Kerberos  authentication. 

•  query  bind 

Allows  you  to  display  cached,  preferred  domain  controllers  for  the  domains. 

•  purge  bind 

Allows  you  to  remove  cached,  preferred  domain  controllers  for  the  domains. 

•  kdcoptions 

For  the  current  list  of  options  and  their  explanations,  see  RFC  41 20. 

Other  considerations 

•  Klist.exe  is  available  in  Windows  Server  2012  and  Windows  8,  and  it  requires  no  special  installation. 

Examples 

1 .  When  you  are  diagnosing  an  Event  ID  27  while  processing  a  ticket-granting  service  (TGS)  request  for  the  target 
server,  the  account  did  not  have  a  suitable  key  to  generate  a  Kerberos  ticket.  You  can  use  Klist  to  query  the 
Kerberos  ticket  cache  to  determine  if  any  tickets  are  missing,  if  the  target  server  or  account  is  in  error,  or  if  the 
encryption  type  is  not  supported. 

klist 

klist  -li  0x3e7 

2.  When  you  diagnose  errors  and  you  want  to  know  the  specifics  of  each  ticket-granting-ticket  that  is  cached  on 
the  computer  for  a  logon  session,  you  can  use  Klist  to  display  the  TGT  information. 

klist  tgt 

3.  If  you  are  unable  to  establish  a  connection  and  diagnosis  might  take  too  long,  you  can  purge  the  Kerberos 
ticket  cache,  log  off,  and  then  log  back  on. 


klist  purge 

klist  purge 

-li  0x3e7 

4.  When  you  want  to  diagnose  a  logon  session  for  a  user  or  a  service,  you  can  use  the  following  command  to  find 
the  Logonl  D  that  is  used  in  other  Klist  commands. 

klist  sessions 

5.  When  you  want  to  diagnose  Kerberos  constrained  delegation  failure,  you  can  use  the  following  command  to 
find  the  last  error  that  was  encountered. 

klist  kcd_cache 

6.  When  you  want  to  diagnose  if  a  user  or  a  service  can  get  a  ticket  to  a  server,  you  can  use  this  command  to 
request  a  ticket  for  a  specific  SPN. 

klist  get  host/%computenname% 

7.  When  diagnosing  replication  issues  across  domain  controllers,  you  typically  need  the  client  computer  to 
target  a  specific  domain  controller.  In  these  cases,  you  can  use  the  following  command  to  target  the  client 
computer  to  that  specific  domain  controller. 

klist  add_bind  CONTOSO  KDC.CONTOSO.COM 

klist  add_bind  C0NT0S0.C0M  KDC.CONTOSO.COM 

8.  To  query  what  domain  controllers  this  computer  recently  contacted,  you  can  use  the  following  command. 

klist  query_bind 

9.  When  you  want  Kerberos  to  rediscover  domain  controllers,  you  can  use  the  following  command.  This 
command  can  also  be  used  to  flush  the  cache  before  creating  new  domain  controller  bindings  with  klist 
add_bind. 

klist  purge_bind 

Additional  references 

•  Command-Line  Syntax  Key 


ksetup 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Performs  tasks  that  are  related  to  setting  up  and  maintaining  Kerberos  protocol  and  the  Key  Distribution  Center 
(KDC)  to  support  Kerberos  realms,  which  are  not  also  Windows  domains.  For  examples  of  how  this  command 
can  be  used,  see  the  Examples  section  in  each  of  the  related  subtopics. 

Syntax 

ksetup 

[/setrealm  <DNSDomainName>] 

[/mapuser  <Principal>  <Account>] 

[/addkdc  <RealmName>  <KDCName>] 

[/delkdc  <RealmName>  <KDCName>] 

[/addkpasswd  <RealmName>  <KDCPasswordName>] 

[/delkpasswd  <RealmName>  <KDCPasswordName>] 

[/server  <ServerName>] 

[/setcomputerpassword  <Password>] 

[/removerealm  <RealmName>] 

[/domain  <DomainName>] 

[/changepassword  <01dPassword>  <NewPassword>] 

[ /list realmf lags] 

[/setrealmflags  <RealmName>  [sendaddress]  [tcpsupported]  [delegate]  [ncsupported]  [rc4]] 

[/addrealmflags  <RealmName>  [sendaddress]  [tcpsupported]  [delegate]  [ncsupported]  [rc4]] 

[/delrealmflags  [sendaddress]  [tcpsupported]  [delegate]  [ncsupported]  [rc4]] 

[/dumpstate] 

[/addhosttorealmmap]  <HostName>  <RealmName>] 

[/delhosttorealmmap]  <HostName>  <RealmName>] 

[/setenctypeattr]  <DomainName>  {DES-CBC-CRC  |  DES-CBC-MD5  |  RC4-HMAC-MD5  |  AES128-CTS-HMAC-SHA1-96  |  AES256- 
CTS-HMAC-SHA1-96} 

[/getenctypeattr]  <DomainName> 

[/addenctypeattr]  <DomainName>  {DES-CBC-CRC  |  DES-CBC-MD5  |  RC4-HMAC-MD5  |  AES128-CTS-HMAC-SHA1-96  |  AES256- 
CTS-HMAC-SHA1-96} 

[/delenctypeattr]  <DomainName> 


Parameters 


PARAMETER 

DESCRIPTION 

Ksetup:setrealm 

Makes  this  computer  a  member  of  a  Kerberos  realm. 

Ksetup:mapuser 

Maps  a  Kerberos  principal  to  an  account. 

Ksetup:addkdc 

Defines  a  KDC  entry  for  the  given  realm. 

Ksetup:delkdc 

Deletes  a  KDC  entry  for  the  realm. 

Ksetup:addkpasswd 

Adds  a  Kpasswd  server  address  for  a  realm. 

Ksetup:delkpasswd 

Deletes  a  Kpasswd  server  address  for  a  realm. 

Ksetup:server 

Allows  you  to  specify  the  name  of  a  Windows  computer  on 
which  to  apply  the  changes. 

PARAMETER 


DESCRIPTION 


Ksetup:setcomputerpassword 

Sets  the  password  for  the  computer's  domain  account  (or 
host  principal). 

Ksetup:removerealm 

Deletes  all  information  for  the  specified  realm  from  the 
registry. 

Ksetup:domain 

Allows  you  to  specify  a  domain  (if  <DomainName>  has  not 
been  set  by  using  /domain). 

Ksetup:changepassword 

Allows  you  to  use  the  Kpasswd  to  change  the  logged  on 
user's  password. 

Ksetup:listrealmflags 

Lists  the  available  realm  flags  that  ksetup  can  detect. 

Ksetup:setrealmflags 

Sets  realm  flags  for  a  specific  realm. 

Ksetup:addrealmflags 

Adds  additional  realm  flags  to  a  realm. 

Ksetup:delrealmflags 

Deletes  realm  flags  from  a  realm. 

Ksetup:dumpstate 

Analyzes  the  Kerberos  configuration  on  the  given  computer. 
Adds  a  host  to  realm  mapping  to  the  registry. 

Ksetup:addhosttorealmmap 

Adds  a  registry  value  to  map  the  host  to  the  Kerberos  realm. 

Ksetup:delhosttorealmmap 

Deletes  the  registry  value  that  mapped  the  host  computer  to 
the  Kerberos  realm. 

Ksetup:setenctypeattr 

Sets  one  or  more  encryption  types  trust  attributes  for  the 
domain. 

Ksetup:getenctypeattr 

Gets  the  encryption  types  trust  attribute  for  the  domain. 

Ksetup:addenctypeattr 

Adds  encryption  types  to  the  encryption  types  trust  attribute 
for  the  domain. 

Ksetup:delenctypeattr 

Deletes  the  encryption  types  trust  attribute  for  the  domain. 

/? 

Displays  Help  at  the  command  prompt. 

Remarks 

Ksetup  is  used  to  change  the  computer  settings  for  locating  Kerberos  realms.  In  non-Microsoft  Kerberos-based 
implementations,  this  information  is  usually  kept  in  the  Krb5.conf  file.  In  Windows  Server  operating  systems,  it  is 
kept  in  the  registry.  You  can  use  this  tool  to  modify  these  settings.  These  settings  are  used  by  workstations  to 
locate  Kerberos  realms  and  by  domain  controllers  to  locate  Kerberos  realms  for  cross-realm  trust  relationships. 

Ksetup  initializes  registry  keys  that  the  Kerberos  Security  Support  Provider  (SSP)  uses  to  locate  a  KDC  for  the 
Kerberos  realm  if  the  computer  is  running  Windows  Server  2003,  Windows  Server  2008,  or  Windows  Server 
2008  R2  and  is  not  a  member  of  a  Windows  domain.  After  configuration,  the  user  of  a  client  computer  that  is 
running  the  Windows  operating  system  can  log  on  to  accounts  in  the  Kerberos  realm. 


The  Kerberos  version  5  protocol  is  the  default  for  network  authentication  on  computers  running  Windows  XP 
Professional,  Windows  Vista,  and  Windows  7.  The  Kerberos  SSP  searches  the  registry  for  the  domain  name  of 
the  user's  realm  and  then  resolves  the  name  to  an  IP  address  by  querying  a  DNS  server.  The  Kerberos  protocol 
can  use  DNS  to  locate  KDCs  by  using  only  the  realm  name,  but  it  must  be  specially  configured  to  do  so. 

Additional  references 

•  Command-Line  Syntax  Key 


ksetup:setrealm 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  name  of  a  Kerberos  realm.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /setrealm  <DNSDomainName> 

Parameters 

PARAMETER  DESCRIPTION 

<  DNSDomainName>  The  DNS  domain  name  can  be  in  the  form  of  a  fully  qualified 

domain  name  or  simple  domain  name. 


Remarks 

The  DNS  domain  name  parameter  should  be  entered  in  uppercase  letters.  Otherwise,  the  ksetup  command  will 
ask  for  verification  to  continue. 

Setting  the  Kerberos  realm  on  a  domain  controller  is  not  supported.  Attempting  to  do  so  will  cause  a  warning  and 
a  command  failure. 

Examples 

Set  the  realm  for  this  computer  to  a  specific  domain  name  to  restrict  access  by  a  non-domain  controller  just  to  the 
CONTOSO  Kerberos  realm: 

ksetup  /setrealm  CONTOSO 

Additional  references 

•  Command-Line  Syntax  Key 

•  Ksetup 

•  Ksetup:removerealm 


ksetup:mapuser 
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Maps  the  name  of  a  Kerberos  principal  to  an  account.  For  examples  of  how  this  command  can  be  used,  see 

Examples. 

Syntax 

ksetup  /mapuser  <Principal>  <Account> 

Parameters 

PARAMETER  DESCRIPTION 

<  Principal  The  fully  qualified  domain  name  of  any  principal;  for  example, 

mike@corp.CONTOSO.COM. 


<Account>  Any  account  or  security  group  name  that  exists  on  this 

computer,  such  as  Guest,  Domain  Users,  or  Administrator. 


Remarks 

An  account  can  be  specifically  identified,  such  as  domain  guests.  Or  you  can  use  the  wildcard  character  (*)  to 
include  all  accounts. 

If  an  account  name  is  omitted,  mapping  is  deleted  for  the  specified  principal. 

The  computer  will  only  authenticate  the  principals  of  the  given  realm  if  they  present  valid  Kerberos  tickets. 

Use  ksetup  without  any  parameters  or  arguments  to  see  the  current  mapped  settings  and  the  default  realm. 

Whenever  changes  are  made  to  the  external  Key  Distribution  Center  (KDC)  and  the  realm  configuration,  a  restart 
of  the  computer  where  the  setting  was  changed  is  required. 

Examples 

Map  Mike  Danseglio's  account  within  the  Kerberos  realm  CONTOSO  to  the  guest  account  on  this  computer, 
granting  him  all  the  privileges  of  a  member  of  the  built-in  Guest  account  without  having  to  authenticate  to  this 
computer: 

ksetup  /mapuser  mike@corp.CONTOSO.COM  guest 

Remove  the  mapping  of  Mike  Danseglio's  account  to  the  guest  account  on  this  computer  to  prevent  him  from 
authenticating  to  this  computer  with  his  credentials  from  CONTOSO: 

ksetup  /mapuser  mike@corp.CONTOSO.COM 

Map  Mike  Danseglio's  account  within  the  CONTOSO  Kerberos  realm  to  any  existing  account  on  this  computer,  (if 
only  the  standard  user  and  guest  accounts  are  active  on  this  computer,  Mike's  privileges  will  be  set  to  those): 


ksetup  /mapuser  mike@conp.CONTOSO.COM  * 


Map  all  accounts  within  the  CONTOSO  Kerberos  realm  to  any  existing  account  of  the  same  name  on  this 
computer: 


ksetup  /mapuser  *  * 


Additional  references 

•  Command-Line  Syntax  Key 

•  Ksetup 


ksetup:addkdc 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  a  Key  Distribution  Center  (KDC)  address  for  the  given  Kerberos  realm.  For  examples  of  how  this  command 
can  be  used,  see  Examples. 

Syntax 

ksetup  /addkdc  <RealmName>  [<KDCName>] 


Parameters 

PARAMETER 


DESCRIPTION 


<RealmName>  The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 

CORRCONTOSO.COM,  and  it  is  listed  as  the  default  realm 
when  ksetup  is  run.  It  is  to  this  realm  that  you  are  attempting 
to  add  the  other  KDC. 


<KDCName>  The  KDC  name  is  stated  as  a  case  insensitive  fully  qualified 

domain  name,  such  as  mitkdc.microsoft.com.  If  the  KDC  name 
is  omitted,  DNS  will  locate  KDCs. 

Remarks 

These  mappings  are  stored  in  the  registry  under 

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\Kerberos\Domains.  To  deploy  Kerberos 
realm  configuration  data  to  multiple  computers,  use  the  Security  Configuration  Template  snap-in  and  policy 
distribution  instead  of  using  ksetup  explicitly  on  individual  computers. 

The  computer  must  be  restarted  before  the  new  realm  setting  will  be  used. 

To  verify  the  default  realm  name  for  the  computer,  or  to  verify  that  this  command  worked  as  intended,  run  ksetup 
at  the  command  prompt  and  verify  the  output  for  the  added  KDC. 

Examples 

Configure  a  non-Windows  KDC  server  and  the  realm  that  the  workstation  should  use: 

ksetup  /addkdc  CORP.CONTOSO.COM  mitkdc.contoso.com 

Run  the  Ksetup  tool  at  the  command  line  of  the  same  computer  as  in  the  preceding  command  to  set  the  local 
computer  account  password  to  "p@sswrd1%^?.  Then  restart  the  computer. 

Ksetup  /setcomputerpassword  p@sswndl% 


Additional  references 

•  Ksetup 

•  Ksetup:setcomputerpassword 


Command-Line  Syntax  Key 


ksetup:delkdc 

4/13/2018  •  1  min  to  read  •  Edit  Online 


Deletes  instances  of  Key  Distribution  Center  (KDC)  names  for  the  Kerberos  realm.  For  examples  of  how  this 
command  can  be  used,  see  Examples. 

Syntax 

ksetup  /delkdc  <RealmName>  <KDCName> 


Parameters 

PARAMETER  DESCRIPTION 

<RealmName>  The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 

CORRCONTOSO.COM,  and  it  is  listed  as  the  default  realm 
when  ksetup  is  run.  It  is  to  this  realm  from  which  you  are 
attempting  to  delete  the  other  KDC. 


<KDCName> 


The  KDC  name  is  stated  as  a  case-insensitive,  fully  qualified 
domain  name,  such  as  mitkdc.contoso.com. 


Remarks 

These  mappings  are  stored  in  the  registry  in 

HKEY_LOCAL_MACHIN E\System\CurrentControlSet\Control\LSA\Kerberos\Domains  To  remove  realm 
configuration  data  from  multiple  computers,  use  the  Security  Configuration  Template  snap-in  and  policy 
distribution  instead  of  using  ksetup  explicitly  on  individual  computers. 

On  computers  running  Windows  2000  Server  with  Service  Pack  1  (SP1)  and  earlier,  the  computer  must  be 
restarted  before  the  changed  realm  setting  configuration  will  be  used. 

To  verify  the  default  realm  name  for  the  computer,  or  to  verify  that  this  command  worked  as  intended,  run  ksetup 
at  the  command  prompt  and  verify  that  the  KDC  that  was  removed  does  not  exist  in  the  list. 

Examples 

The  security  requirements  for  this  computer  have  changed  so  the  link  between  the  Windows  realm  and  the  non- 
Windows  realm  must  be  removed.  First,  determine  which  association  to  remove  and  produce  the  output  of  existing 
associations: 

ksetup 

Remove  the  association  by  using  the  following  command: 

Ksetup  /delkdc  CORP.CONTOSO.COM  mitkdc.contoso.com 

Additional  references 

•  Ksetup 


Command-Line  Syntax  Key 


ksetup:addkpasswd 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  a  Kerberos  password  (Kpasswd)  server  address  for  a  realm.  For  examples  of  how  this  command  can  be  used, 

see  Examples. 

Syntax 

ksetup  /addkpasswd  <RealmName>  [<KpasswdName>] 

Parameters 

If  the  Kerberos  realm  that  the  workstation  will  be  authenticating  to  supports  the  Kerberos  change  password 
protocol,  you  can  configure  a  client  computer  running  the  Windows  operating  system  to  use  a  Kerberos  password 
server.  This  setting  is  configured  on  the  realm  side. 

PARAMETER  DESCRIPTION 

<RealmName>  The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 

CORRCONTOSO.COM,  and  is  listed  as  the  default  realm  or 
Realm=  when  ksetup  is  run. 

<KpasswdName>  The  KDC  name  that  is  to  be  used  as  the  Kerberos  password 

server  is  stated  as  a  case  insensitive  fully  qualified  domain 
name,  such  as  mitkdc.microsoft.com.  If  the  KDC  name  is 
omitted,  DNS  might  be  used  to  locate  KDCs. 

Remarks 

If  the  Kerberos  realm  that  the  workstation  will  be  authenticating  to  supports  the  Kerberos  change  password 
protocol,  you  can  configure  a  client  computer  running  the  Windows  operating  system  to  use  a  Kerberos  password 
server. 

Run  the  command  ksetup  to  verify  the  KDC  name.  If  kpasswd  =  does  not  appear  in  the  output,  the  mapping  has 
not  been  configured. 

You  can  add  additional  KDC  names  one  at  a  time. 

Examples 

Configure  the  realm,  CORP.CONTOSO.COM,  so  that  it  uses  the  non-Windows  KDC  server,  mitkdc.contoso.com,  as 
the  password  server: 

ksetup  /addkpasswd  CORP.CONTOSO.COM  mitkdc.contoso.com 

This  results  in  a  non-Windows  Kerberos  password  server  that  controls  all  the  passwords  for  authentication 
between  it  and  the  realm. 

Additional  references 

•  Ksetup 

•  Ksetup:delkpasswd 


Command-Line  Syntax  Key 


ksetup:delkpasswd 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 


removes  a  Kerberos  password  server  (Kpasswd)  for  a  realm.  For  examples  of  how  this  command  can  be  used,  see 

Examples. 

Syntax 

ksetup  /delkpasswd  <RealmName>  <KpasswdName> 


Parameters 

PARAMETER  DESCRIPTION 

The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 
CORRCONTOSO.COM,  and  is  listed  as  the  default  realm  or 
REALM  =  when  ksetup  is  run. 


The  KDC  name  to  be  used  as  the  Kerberos  password  server  is 
stated  as  a  case-insensitive,  fully  qualified  domain  name,  such 
as  mitkdc.contoso.com.  If  the  KDC  name  is  omitted,  DNS 
might  be  used  to  locate  KDCs. 


remarks 

Run  the  command  ksetup  to  verify  the  KDC  name.  If  kpasswd  =  does  not  appear  in  the  output,  then  the  mapping 
has  not  been  configured.  Multiple  mappings  will  be  listed,  if  set. 

Examples 

verify  the  realm  CORRCONTOSO.COM  uses  the  non-Windows  KDC  server  mitkdc.contoso.com  as  the  password 
server: 

ksetup  /delkpasswd  CORP.CONTOSO.COM  mitkdc.contoso.com 

To  verify  the  command  worked  as  intended,  run  ksetup  on  the  Windows  computer  to  verify  the  realm 
CORP.CONTOSO.COM  is  not  mapped  to  a  Kerberos  password  server  (the  KDC  name). 

additional  references 

•  ksetup 

•  ksetup:delkpasswd 

•  Command-Line  Syntax  Key 


ksetup:server 
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Allows  you  to  specify  a  name  for  a  computer  running  the  Windows  operating  system  so  that  the  changes  made  by 
using  ksetup  will  update  the  target  computer.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /server  <ServerName> 

Parameters 

PARAMETER  DESCRIPTION 

<ServerName>  The  full  computer  name  on  which  the  configuration  will  be 

effective,  such  as  IPops897.corp.contoso.com. 

If  an  incomplete  fully  qualified  domain  computer  name  is 
specified,  the  command  will  fail. 

Remarks 

There  is  no  way  to  remove  the  targeted  server  name;  you  can  only  change  it  back  to  the  local  computer  name, 
which  is  the  default. 

The  target  server  name  is  stored  in  the  registry  in 

HKEY_LOCAL_MACHIN  E\SYSTEM\ControlSet001\Control\LSA\Kerberos.  It  is  not  reported  by  using 
ksetup. 

Examples 

Make  your  ksetup  configurations  effective  on  the  IPops897  computer  that  is  connected  on  the  Contoso  domain: 

ksetup  /server  IPops897.corp.contoso.com 

Additional  references 

•  Ksetup 

•  Command-Line  Syntax  Key 


ksetup:setcomputerpassword 

4/13/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  password  for  the  local  computer.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /setcomputerpassword  <Password> 

Parameters 


PARAMETER 

DESCRIPTION 

<  Password  > 

Uses  the  supplied  password  to  set  the  computer  account  on 
the  local  computer. 

The  password  can  only  be  set  by  using  an  account  with 
administrative  privileges.  The  password  can  be  from  1  to  1  56 
alphanumeric  or  special  characters. 

Remarks 

This  command  affects  the  computer  account  only. 

You  must  restart  the  computer  for  the  password  change  to  take  effect. 

The  computer  account  password  is  not  displayed  in  the  registry  or  as  output  from  the  ksetup  command 

Examples 

Change  the  computer  account  password  on  the  local  computer  from  IPops897  to  I Pop$897 ! . 
ksetup  /setcomputerpassword  IPop$897! 


Additional  references 

•  Ksetup 

•  Command-Line  Syntax  Key 


ksetup:removerealm 
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Deletes  all  information  for  the  specified  realm  from  the  registry.  For  examples  of  how  this  command  can  be  used, 

see  Examples. 

Syntax 

ksetup  /removerealm  <RealmName> 

Parameters 

PARAMETER  DESCRIPTION 

<RealmName>  The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 

CORRCONTOSO.COM,  and  it  is  listed  as  the  default  realm 
when  ksetup  is  run. 

Remarks 

The  realm  name  is  stored  in  two  places  in  the  registry:  HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001  and 
\CurrentControlSet\Control\Lsa\Kerberos. 

You  cannot  remove  the  default  realm  name  from  the  domain  controller  because  this  will  reset  its  DNS  information, 
and  removing  it  might  make  the  domain  controller  unusable. 

Examples 

Mistakenly  set  the  realm  name  by  misspelling  ".COM^?  on  the  local  computer  to  CORP.CONTOSO.CON 

ksetup  /setrealm  CORP.CONTOSO.CON 

Remove  that  erroneous  realm  name  from  the  local  computer: 

ksetup  /removerealm  CORP.CONTOSO.CON 

Verify  the  removal  by  running  ksetup  and  review  the  output. 

Additional  references 

•  Ksetup 

•  Ksetup:setrealm 

•  Command-Line  Syntax  Key 


ksetup:domain 
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Sets  the  domain  name  for  all  Kerberos  operations.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /domain  <DomainName> 


Parameters 

PARAMETER 


DESCRIPTION 


<  DomainName>  Name  of  the  domain  to  which  you  want  to  establish  a 

connection.  Use  the  fully  qualified  domain  name  or  a  simple 
form  of  the  name,  such  as  contoso.com  or  contoso. 


Remarks 

None. 

Examples 

Establish  a  connection  to  a  valid  domain,  such  as  Microsoft  by  using  the  /mapuser  subcommand: 


ksetup  /mapuser  principal@realm  domain-user  /domain  domain-name 


When  the  connection  is  successful,  you  will  receive  a  new  TGT  or  an  existing  TGT  will  be  refreshed. 

Additional  references 

•  Ksetup 

•  Command-Line  Syntax  Key 


ksetup:changepassword 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Uses  the  Key  Distribution  Center  (KDC)  password  (kpasswd)  value  to  change  the  password  of  the  logged-on  user. 
For  examples  of  how  this  command  can  be  used,  see  Examples. 


Syntax 


ksetup  /changepassword  <01dPasswd>  <NewPasswd> 

Parameters 

PARAMETER 

DESCRIPTION 

<OldPasswd> 

States  the  logged-on  user's  existing  password. 

<NewPasswd> 

States  the  logged  on  user's  new  password. 

Remarks 

This  command  uses  the  KDC  password  (kpasswd)  value  to  change  the  password  of  the  logged-on  user.  The 
kpasswd,  if  set,  is  displayed  in  the  output  by  running  the  ksetup  /dumpstate  command. 

The  user's  new  password  must  meet  all  the  password  requirements  that  are  set  on  this  computer. 

If  the  user  account  is  not  found  in  the  current  domain,  the  system  will  ask  you  to  supply  the  domain  name  where 
the  user  account  resides. 

if  you  want  to  force  a  password  change  at  next  logon,  this  command  allows  the  use  of  the  asterisk  (*)  so  the  user 
will  be  prompted  for  a  new  password. 

The  output  of  the  command  informs  you  of  the  success  or  failure  status. 

Examples 

Change  the  password  of  a  user  who  is  currently  logged  on  to  this  computer  in  this  domain: 
ksetup  /changepassword  Pas$w0rd  Pa$$w0rd 

Change  the  password  of  a  user  who  is  currently  logged  on  in  the  Contoso  domain: 
ksetup  /domain  CONTOSO  /changepassword  Pas$w0rd  Pa$$w0rd 

Force  the  currently  logged  on  user  to  change  the  password  at  the  next  logon: 

ksetup  /changepassword  Pas$w0rd  * 

Additional  references 


•  Command-Line  Syntax  Key 


ksetu  p:  I  i  strea  I  mf  I  ag  s 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Lists  the  available  realm  flags  that  can  be  reported  by  ksetup.  For  examples  of  how  this  command  can  be  used, 

see  Examples. 

Syntax 

ksetup  /listrealmflags 

Parameters 

None 

Remarks 

The  realm  flags  specify  additional  features  of  a  non-Windows-based  Kerberos  realm.  Computers  that  are  running 
Windows  Server  2003,  Windows  Server  2008,  or  Windows  Server  2008  R2  can  use  a  non-Windows-based 
Kerberos  server  to  administer  authentication  instead  of  using  a  domain  that  is  running  a  Windows  Server 
operating  system.  These  systems  participate  in  a  Kerberos  realm  instead  of  a  Windows  domain.  This  entry 
establishes  the  features  of  the  realm.  The  following  table  describes  each. 


VALUE 

REALM  FLAG 

DESCRIPTION 

OxF 

All 

All  realm  flags  are  set. 

0x00 

None 

No  realm  flags  are  set,  and  no 
additional  features  are  enabled. 

0x01 

SendAddress 

The  IP  address  will  be  included  within 
the  ticket-granting  tickets. 

0x02 

TcpSupported 

The  Transmission  Control  Protocol  (TCP) 
and  the  User  Datagram  Protocol  (UDP) 
are  supported  in  this  realm. 

0x04 

Delegate 

Everyone  in  this  realm  is  trusted  for 
delegation. 

0x08 

NcSupported 

This  realm  supports  name 
canonicalization,  which  allows  for  DNS 
and  realm  naming  standards. 

0x80 

RC4 

This  realm  supports  RC4  encryption  to 

enable  cross-realm  trust,  which  allows 
for  the  use  of  TLS. 


Realm  flags  are  stored  in  the  registry  in 

H  KE  Y_LOC  AL_M  AC  H I N  E\SYSTE  M\CurrentControlSet\Control\Lsa\Kerberos\Domains\/?eo/mnome.  This 
entry  does  not  exist  in  the  registry  by  default.  You  can  use  the  Ksetup:addrealmflags  command  to  populate  the 
registry. 


Examples 

List  the  known  realm  flags  on  this  computer: 
ksetup  /listrealmflags 

Set  the  available  realm  flags  that  Ksetup  does  not  know  by  typing  either  of  the  following  commands  at  the 
command  line: 


ksetup  /setrealmflags  CORP.CONTOSO.COM  sendaddress  tcpsupported  delete  ncsupported 


ksetup  /setrealmflags  C0RP.C0NT0S0.C0M  0xF 


Additional  references 

•  Ksetup:setrealmflags 

•  Ksetup:addrealmflags 

•  Ksetup:delrealmflags 

•  Ksetup 

•  Command-Line  Syntax  Key 


ksetup:setrealmflags 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  realm  flags  for  the  specified  realm.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 


ksetup  /setrealmflags  <RealmName>  [sendaddress]  [tcpsupponted]  [delegate]  [ncsupported]  [rc4] 


Parameters 

PARAMETER 

DESCRIPTION 

<RealmName> 

The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 
CORRCONTOSO.COM. 

Realm  flag 

Denotes  one  of  the  following  flags: 

-  SendAddress 

-  TcpSupported 

-  Delegate 

-  NcSupported 

-  RC4 

Remarks 

The  realm  flags  specify  additional  features  of  a  Kerberos  realm  that  is  not  based  on  the  Windows  Server  operating 
system.  Computers  that  are  running  Windows  Server  2003,  Windows  Server  2008,  or  Windows  Server  2008  R2 
can  use  a  Kerberos  server  to  administer  authentication  instead  of  using  a  domain  that  is  running  a  Windows 

Server  operating  system,  and  these  systems  participate  in  a  Kerberos  realm.  This  entry  establishes  the  features  of 
the  realm.  The  following  table  describes  each. 

VALUE 

REALM  FLAG 

DESCRIPTION 

OxF 

All 

All  realm  flags  are  set. 

0x00 

None 

No  realm  flags  are  set,  and  no 
additional  features  are  enabled. 

0x01 

SendAddress 

The  IP  address  will  be  included  within 
the  ticket-granting  tickets. 

0x02 

TcpSupported 

Both  the  Transmission  Control  Protocol 
(TCP)  and  the  User  Datagram  Protocol 
(UDP)  are  supported  in  this  realm. 

0x04 


Delegate 


Everyone  in  this  realm  is  trusted  for 
delegation. 


VALUE 


REALM  FLAG 


DESCRIPTION 


0x08 


NcSupported  This  realm  supports  name 

canonicalization,  which  allows  for  DNS 
and  Realm  naming  standards. 


0x80 


RC4 


This  realm  supports  RC4  encryption  to 
enable  cross-realm  trust,  which  allows 
for  the  use  of  TLS. 


Realm  flags  are  stored  in  the  registry  under 

HKEY_LOCAL_MACHIN  E\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\/?eo/mA/ome.  This 
entry  does  not  exist  in  the  registry  by  default.  You  can  use  the  Ksetup:addrealmflags  command  to  populate  the 
registry. 

You  can  see  what  realm  flags  are  available  and  set  by  viewing  the  output  of  ksetup. 

Examples 

List  the  available  and  set  realm  flags  for  the  realm  CONTOSO: 

ksetup 

Set  two  flags  that  are  not  currently  set: 

ksetup  /setrealmflags  CONTOSO  ncsupported  delegate 

Run  the  ksetup  command  to  verify  that  the  realm  flag  is  set  by  viewing  the  output  and  looking  for  Realm  flags  =. 

Additional  references 

•  Ksetup:listrealmflags 

•  Ksetup:addrealmflags 

•  Ksetup:delrealmflags 

•  Command-Line  Syntax  Key 


ksetu  p:add  rea  I  mf  I  ag  s 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  additional  realm  flags  to  the  specified  realm.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /addrealmflags  <RealmName>  [sendaddress]  [tcpsupported]  [delegate]  [ncsupported]  [rc4] 

Parameters 

PARAMETER  DESCRIPTION 

Realm  name  The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 

CORRCONTOSO.COM. 

Remarks 

The  realm  flags  specify  additional  features  of  a  Kerberos  realm  that  is  not  based  on  the  Windows  Server 
operating  system.  Computers  that  are  running  Windows  Server  2003,  Windows  Server  2008,  or  Windows 
Server  2008  R2  can  use  a  Kerberos  server  to  administer  authentication  instead  of  using  a  domain  that  is  running 
a  Windows  Server  operating  system,  and  these  systems  participate  in  a  Kerberos  realm.  This  entry  establishes 
the  features  of  the  realm.  The  following  table  describes  each. 


VALUE 

REALM  FLAG 

DESCRIPTION 

OxF 

All 

All  realm  flags  are  set. 

0x00 

None 

No  realm  flags  are  set,  and  no 
additional  features  are  enabled. 

0x01 

SendAddress 

The  IP  address  will  be  included  within 
the  ticket-granting  tickets. 

0x02 

TcpSupported 

Both  the  Transmission  Control  Protocol 
(TCP)  and  the  User  Datagram  Protocol 
(UDP)  are  supported  in  this  realm. 

0x04 

Delegate 

Everyone  in  this  realm  is  trusted  for 
delegation. 

0x08 

NcSupported 

This  realm  supports  name 
canonicalization,  which  allows  for  DNS 
and  Realm  naming  standards. 

0x80 

RC4 

This  realm  supports  RC4  encryption  to 

enable  cross-realm  trust,  which  allows 
for  the  use  of  TLS. 


Realm  flags  are  stored  in  the  Registry  under 


H  KE  Y_LOC  AL_M  AC  H I N  E\SYSTE  M\CurrentControlSet\Control\Lsa\Kerberos\DomainsV?ea/m-name. 

This  entry  does  not  exist  in  the  registry  by  default.  You  can  use  the  Ksetup:addrealmflags  command  to  populate 
the  Registry. 

You  can  see  what  realm  flags  are  available  and  set  by  viewing  the  output  of  ksetup  or  ksetup  /dumpstate. 

Examples 

List  the  available  realm  flags  for  the  realm  CONTOSO: 

Ksetup  /listrealmflags 

Set  two  flags  to  the  CONTOSO  realm: 

ksetup  /setrealmflags  CONTOSO  ncsupported  delegate 

Add  one  more  flag  that  is  not  currently  in  the  set: 
ksetup  /addrealmflags  CONTOSO  SendAddress 

Run  the  ksetup  command  to  verify  that  the  realm  flag  is  set  by  viewing  the  output  and  looking  for  Realm  flags 

Additional  references 

•  Ksetup:listrealmflags 

•  Ksetup:setrealmflags 

•  Ksetup:delrealmflags 

•  Command-Line  Syntax  Key 


ksetup:delrealmflags 

4/1 3/2018  *1  min  to  read  •  Edit  Online 

Removes  realm  flags  from  the  specified  realm.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /delrealmflags  <RealmName>  [sendaddress]  [tcpsupported]  [delegate]  [ncsupported]  [rc4] 

Parameters 

PARAMETER 

DESCRIPTION 

<RealmName> 

The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 
CORRCONTOSO.COM,  and  is  listed  as  the  default  realm  when 
Ksetup  is  run. 

Remarks 

The  realm  flags  specify  additional  features  of  a  Kerberos  realm  that  is  not  based  on  the  Windows  Server  operating 
system.  Computers  that  are  running  Windows  Server  2003,  Windows  Server  2008,  or  Windows  Server  2008  R2 
can  use  a  Kerberos  server  to  administer  authentication  instead  of  using  a  domain  that  is  running  a  Windows 

Server  operating  system,  and  these  systems  participate  in  a  Kerberos  realm.  This  entry  establishes  the  features  of 
the  realm.  The  following  table  describes  each. 

VALUE 

REALM  FLAG 

DESCRIPTION 

OxF 

All 

All  realm  flags  are  set. 

0x00 

None 

No  realm  flags  are  set,  and  no 
additional  features  are  enabled. 

0x01 

SendAddress 

The  IP  address  will  be  included  within 
the  ticket-granting-tickets. 

0x02 

TcpSupported 

Both  the  Transmission  Control  Protocol 
(TCP)  and  the  User  Datagram  Protocol 
(UDP)  are  supported  in  this  realm. 

0x04 

Delegate 

Everyone  in  this  realm  is  trusted  for 
delegation. 

0x08 

NcSupported 

This  realm  supports  name 
canonicalization,  which  allows  for  DNS 
and  Realm  naming  standards. 

0x80  RC4  This  realm  supports  RC4  encryption  to 

enable  cross-realm  trust,  which  allows 
for  the  use  of  TLS. 


Realm  flags  are  stored  in  the  registry  in 

HKEY_LOCAL_MACHIN  E\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains\/?eo/mA/ome. 

This  entry  does  not  exist  in  the  registry  by  default  You  can  use  the  Ksetup:addrealmflags  command  to  populate 
the  Registry. 

You  can  see  what  realm  flags  are  available  and  set  by  viewing  the  output  of  ksetup  or  ksetup  /dumpstate. 

Examples 

List  the  available  realm  flags  for  the  realm  CONTOSO: 

Ksetup  /listrealmflags 

Remove  two  flags  that  are  currently  in  the  set: 

ksetup  /delrealmflags  CONTOSO  ncsupported  delegate 

Run  the  ksetup  command  to  verify  that  the  realm  flag  is  set  by  viewing  the  output  and  looking  for  Realm  flags 

Additional  references 

•  Ksetup:listrealmflags 

•  Ksetup:setrealmflags 

•  Ksetup:addrealmflags 

•  Command-Line  Syntax  Key 


ksetup:dumpstate 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  the  current  state  of  realm  settings  for  all  realms  that  are  defined  on  the  computer.  For  examples  of  how 
this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /dumpstate 

Parameters 

None 

Remarks 

The  output  of  this  command  includes  the  default  realm  (the  domain  that  the  computer  is  a  member  of)  and  all  the 
realms  that  are  defined  on  this  computer.  The  following  is  included  for  each  realm: 

•  All  the  Key  Distribution  Centers  (KDCs)  that  are  associated  with  this  realm 

•  All  the  set  realm  flags  for  this  realm 

•  The  KDC  password 

This  command  does  not  display  the  domain  name  that  is  specified  by  DNS  detection  or  by  the  command  ksetup 
/domain. 

This  command  does  not  display  the  computer  password  that  is  set  by  using  the  command  ksetup 
/setcomputerpassword. 

Ksetup  produces  the  same  output  as  ksetup  /dumpstate. 

Examples 

Find  most  of  the  Kerberos  realm  configurations  on  a  computer: 

ksetup  /dumpstate 

Additional  references 

•  Ksetup 

•  Command-Line  Syntax  Key 


ksetup:addhosttorealmmap 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  a  service  principal  name  (SPN)  mapping  between  the  stated  host  and  the  realm.  For  examples  of  how  this 
command  can  be  used,  see  Examples. 

Syntax 

ksetup  /addhosttorealmmap  <HostName>  <RealmName> 

Parameters 

PARAMETER  DESCRIPTION 

<HostName>  The  host  name  is  the  computer  name,  and  it  can  be  stated  as 

the  computer's  fully  qualified  domain  name. 

<RealmName>  The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 

CORRCONTOSO.COM. 


Remarks 

This  command  allows  you  to  map  a  host  or  multiple  hosts  that  are  sharing  the  same  DNS  suffix  to  the  realm. 
The  mapping  is  recorded  in  the  registry  in 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentContolSet\Lsa\Kerberos\HostTo  Realm. 

Examples 

As  part  of  configuring  the  realm  CONTOSO,  map  the  host  computer  IPops897  to  the  realm: 

ksetup  /addhosttorealmmap  IPops897  CONTOSO 

Verify  in  the  registry  that  the  mapping  is  as  intended. 

Additional  references 

•  Ksetup:delhosttorealmmap 

•  Ksetup 

•  Command-Line  Syntax  Key 


ksetup:delhosttorealmmap 

4/13/2018  •  1  min  to  read  •  Edit  Online 


Removes  a  service  principal  name  (SPN)  mapping  between  the  stated  host  and  the  realm.  For  examples  of  how 
this  command  can  be  used,  see  Examples. 


Syntax 


ksetup  /delhosttorealmmap  <HostName>  <RealmName> 

Parameters 

PARAMETER 

DESCRIPTION 

<HostName> 

The  host  name  is  the  computer  name,  and  it  can  be  stated  as 
the  computer's  fully  qualified  domain  name. 

<RealmName> 

The  realm  name  is  stated  as  an  uppercase  DNS  name,  such  as 
CORRCONTOSO.COM. 

Remarks 

When  a  host  to  realm  (or  multiple  hosts  to  realm)  mapping  exists,  this  command  removes  that  mapping. 

The  mapping  is  recorded  in  the  registry  in 

HKEY_LOCAL_MACHIN  E\SYSTEM\CurrentContolSet\Lsa\Kerberos\HostToRealm.  You  should  verify  the 
mapping  in  the  registry  after  using  this  command. 

Examples 

Altering  the  configuration  of  the  realm  CONTOSO,  delete  the  mapping  of  the  host  computer  IPops897  to  the 
realm: 

ksetup  /delhosttorealmmap  IPops897  CONTOSO 

After  running  this  command,  you  can  verify  in  the  registry  that  the  mapping  is  as  intended. 

Additional  references 

•  Ksetup:addhosttorealmmap 

•  Ksetup 

•  Command-Line  Syntax  Key 


ksetup:setenctypeattr 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  encryption  type  attribute  for  the  domain.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

ksetup  /setenctypeattr  <Domain  name>  {DES-CBC-CRC  |  DES-CBC-MD5  |  RC4-HMAC-MD5  |  AES128-CTS-HMAC-SHA1-96  | 
AES256-CTS-HMAC-SHA1-96} 


Parameters 

PARAMETER  DESCRIPTION 

<  DomainName>  Name  of  the  domain  to  which  you  want  to  establish  a 

connection.  Use  the  fully  qualified  domain  name  or  a  simple 
form  of  the  name,  such  as  corp.contoso.com  or  contoso. 


Encryption  type  Must  be  one  of  the  following  supported  encryption  types: 

-  DES-CBC-CRC 

-  DES-CBC-MD5 

-  RC4-HMAC-MD5 

-  AES128-CTS-HMAC-SHA1  -96 

-  AES256-CTS-HMAC-SHA1  -96 


Remarks 

To  view  the  encryption  type  for  the  Kerberos  ticket-granting  ticket  (TGT)  and  the  session  key,  run  the  klist 
command  and  view  the  output. 

You  can  set  or  add  multiple  encryption  types  by  separating  the  encryption  types  in  the  command  with  a  space. 
However,  you  can  only  do  so  for  one  domain  at  a  time. 

If  the  command  succeeds  or  fails,  a  status  message  is  displayed. 

To  set  the  domain  that  you  want  to  connect  to  and  use,  run  the  ksetup  /domain  <  Domain  N  a  me  >  command. 

Examples 

Determine  the  current  encryption  types  that  are  set  on  this  computer: 


klist 


Set  the  domain  to  corp.contoso.com: 


ksetup  /domain  corp.contoso.com 


Set  the  encryption  type  attribute  to  AES-256-CTS-HMAC-SHA1  -96  for  the  domain  corp.contoso.com: 


ksetup  /setenctypeattr  corp.contoso.com  AES-256-CTS-HMAC-SHA1-96 


Verify  that  the  encryption  type  attribute  was  set  as  intended  for  the  domain: 


ksetup  /getenctypeattr  corp.contoso.com 


Additional  references 

•  Klist 

•  Ksetup:domain 

•  Ksetup:addenctypeattr 

•  Ksetup:getenctypeattr 

•  Ksetup:delenctypeattr 

•  Command-Line  Syntax  Key 


ksetu  p:getenctypeattr 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Retrieves  the  encryption  type  attribute  for  the  domain.  For  examples  of  how  this  command  can  be  used,  see 

Examples. 

Syntax 

ksetup  /getenctypeattr  <DomainName> 

Parameters 

PARAMETER  DESCRIPTION 

<  DomainName>  Name  of  the  domain  to  which  you  want  to  establish  a 

connection.  Use  the  fully  qualified  domain  name  or  a  simple 
form  of  the  name,  such  as  corp.contoso.com  or  contoso. 

Remarks 

To  view  the  encryption  type  for  the  Kerberos  ticket-granting  ticket  (TGT)  and  the  session  key,  run  the  klist 
command  and  view  the  output. 

If  the  command  succeeds  or  fails,  a  status  message  is  displayed  upon  successful  or  failed  completion. 

To  set  the  domain  that  you  want  to  connect  to  and  use,  run  the  ksetup  /domain  <DomainName>  command. 

Examples 

Verify  the  encryption  type  attribute  for  the  domain: 
ksetup  /getenctypeattr  mit.contoso.com 

Additional  references 

•  Klist 

•  Ksetup:domain 

•  Ksetu  p:addenctypeattr 

•  Ksetup:setenctypeattr 

•  Ksetup:delenctypeattr 

•  Command-Line  Syntax  Key 


ksetup:addenctypeattr 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  the  encryption  type  attribute  to  the  list  of  possible  types  for  the  domain.  For  examples  of  how  this  command 
can  be  used,  see  Examples. 

Syntax 

ksetup  /addenctypeattr  <DomainName>  {DES-CBC-CRC  |  DES-CBC-MD5  |  RC4-HMAC-MD5  |  AES128-CTS-HMAC-SHA1-96  | 
AES256-CTS-HMAC-SHA1-96} 

Parameters 

PARAMETER  DESCRIPTION 


<  DomainName>  Name  of  the  domain  to  which  you  want  to  establish  a 

connection.  Use  the  fully  qualified  domain  name  or  a  simple 
form  of  the  name,  such  as  corp.contoso.com  or  contoso. 


Encryption  type  Must  be  one  of  the  following  supported  encryption  types: 

-  DES-CBC-CRC 

-  DES-CBC-MD5 

-  RC4-HMAC-MD5 

-  AES128-CTS-HMAC-SHA1  -96 

-  AES256-CTS-HMAC-SHA1  -96 


Remarks 

To  view  the  encryption  type  for  the  Kerberos  ticket-granting  ticket  (TGT)  and  the  session  key,  run  the  klist 
command  and  view  the  output. 

You  can  set  or  add  multiple  encryption  types  by  separating  the  encryption  types  in  the  command  with  a  space. 
However,  you  can  only  do  so  for  one  domain  at  a  time. 

If  the  command  succeeds  or  fails,  a  status  message  is  displayed. 

To  set  the  domain  that  you  want  to  connect  to  and  use,  run  the  ksetup  /domain  <  Domain  N  a  me  >  command. 

Examples 

Determine  the  current  encryption  types  that  are  set  on  this  computer: 


klist 


Set  the  domain  to  corp.contoso.com: 


ksetup  /domain  corp.contoso.com 


Add  the  encryption  type  AES-256-CTS-HMAC-SHA1  -96  to  the  list  of  possible  types  for  the  domain 
corp.contoso.com: 


ksetup  /addenctypeattr  corp.contoso.com  AES-256-CTS-HMAC-SHA1-96 


Set  the  encryption  type  attribute  to  AES-256-CTS-HMAC-SHA1  -96  for  the  domain  corp.contoso.com 

ksetup  /setenctypeattr  corp.contoso.com  AES-256-CTS-HMAC-SHA1-96 

Verify  that  the  encryption  type  attribute  was  set  as  intended  for  the  domain: 
ksetup  /getenctypeattr  corp.contoso.com 

Additional  references 

•  Klist 

•  Ksetup:domain 

•  Ksetup:setenctypeattr 

•  Ksetup:getenctypeattr 

•  Ksetup:delenctypeattr 

•  Command-Line  Syntax  Key 


ksetup:delenctypeattr 

4/1 3/201 8  •  1  min  to  read  •  Edit  Online 


Removes  the  encryption  type  attribute  for  the  domain.  For  examples  of  how  this  command  can  be  used,  see 

Examples. 

Syntax 

ksetup  /delenctypeattr  <DomainName> 

Parameters 

PARAMETER  DESCRIPTION 

<  DomainName>  Name  of  the  domain  to  which  you  want  to  establish  a 

connection.  Use  the  fully  qualified  domain  name  or  a  simple 
form  of  the  name,  such  as  corp.contoso.com  or  contoso. 

Remarks 

To  view  the  encryption  type  for  the  Kerberos  ticket-granting  ticket  (TGT)  and  the  session  key,  run  the  klist 
command  and  view  the  output. 

A  status  message  is  displayed  upon  successful  or  failed  completion. 

To  set  the  domain  that  you  want  to  connect  to  and  use,  run  the  ksetup  /domain  <DomainName>  command. 

Examples 

Determine  the  current  encryption  types  that  are  set  on  this  computer: 

klist 

Set  the  domain  to  mit.contoso.com: 

ksetup  /domain  mit.contoso.com 

Verify  what  the  encryption  type  attribute  is  for  the  domain: 
ksetup  /getenctypeattr  mit.contoso.com 

Remove  the  set  encryption  type  attribute  for  the  domain  mit.contoso.com: 

ksetup  /delenctypeattr  mit.contoso.com 

Additional  references 

•  Klist 

•  Ksetup:domain 


Ksetup:addenctypeattr 
Ksetup:setenctypeattr 
Ksetup:delenctypeattr 
Command-Line  Syntax  Key 


ktmutil 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Starts  the  Kernel  Transaction  Manager  utility.  If  used  without  parameters,  ktmutil  displays  available 
subcommands. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

ktmutil  list  tms 

ktmutil  list  transactions  [{TmGuid}] 

ktmutil  resolve  complete  {TmGuid}  {RmGuid}  {EnGuid} 

ktmutil  resolve  commit  {TxGuid} 

ktmutil  resolve  rollback  {TxGuid} 

ktmutil  force  commit  {??Guid} 

ktmutil  force  rollback  {??Guid} 

ktmutil  forget 


Parameters 

Remarks 

Examples 

To  force  an  Indoubt  transaction  with  GUID  31 1a9209-03f4-1 1  dc-918f-00188b8f707b  to  commit,  type: 

ktmutil  force  commit  {311a9209-03f4-lldc-918f-00188b8f707b} 

Additional  references 

Command-Line  Syntax  Key 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Configures  the  server  principal  name  for  the  host  or  service  in  active  directory  Domain  Services  (AD  DS)  and 
generates  a  .keytab  file  that  contains  the  shared  secret  key  of  the  service.  The  .keytab  file  is  based  on  the 
Massachusetts  Institute  of  Technology  (MIT)  implementation  of  the  Kerberos  authentication  protocol.  The  ktpass 
command-line  tool  allows  non-Windows  services  that  support  Kerberos  authentication  to  use  the  interoperability 
features  provided  by  the  Kerberos  Key  Distribution  Center  (KDC)  service.  This  topic  applies  to  the  operating 
system  versions  designated  in  the  Applies  To  list  at  the  beginning  of  the  topic. 


Syntax 


ktpass 

[/out  <FileName>] 

[/princ  <PrincipalName>] 

[/mapuser  <UserAccount>] 

[/mapop  (add | set}]  [{- |+}desonly]  [/in  <FileName>] 

[/pass  {Password | * | {- | +}rndpass}] 

[/minpass] 

[/maxpass] 

[/crypto  {DES-CBC-CRC|DES-CBC-MD5| RC4-HMAC-NT | AES256-SHA1 ] AES128-SHA1 | All}] 
[/itercount] 

[/ptype  {KRB5_NT_PRINCIPAL | KRB5_NT_SRV_INST | KRB5_NT_SRV_HST}] 

[/kvno  <KeyversionNum>] 

[/answer  {- | +}] 

[/target] 

[/rawsalt]  [{- |+}dumpsalt]  [{- |+}setupn]  [{- |+}setpass  <Password>]  [/? | /h | /help] 


Parameters 


PARAMETER 


DESCRIPTION 


/out 


Specifies  the  name  of  the  Kerberos  version  5  .keytab  file  to 
generate.  Note:  This  is  the  .keytab  file  that  you  transfer  to  a 
computer  that  is  not  running  the  Windows  operating  system, 
and  then  replace  or  merge  with  your  existing  .keytab  file, 
/Etc/Krb5. keytab. 


/princ 


Specifies  the  principal  name  in  the  form 
host/computer.contoso.com@CONTOSO.COM.  Warning:  This 
parameter  is  case  sensitive.  See  remarks  for  more  information. 


/mapuser 


Maps  the  name  of  the  Kerberos  principal,  which  is  specified  by 
the  princ  parameter,  to  the  specified  domain  account. 


PARAMETER 


DESCRIPTION 


/mapop  {add|set} 

Specifies  how  the  mapping  attribute  is  set. 

-  add  adds  the  value  of  the  specified  local  user  name.  This  is 
the  default. 

-  Set  sets  the  value  for  Data  Encryption  Standard  (DES)-only 
encryption  for  the  specified  local  user  name. 

{-|+}desonly 

DES-only  encryption  is  set  by  default. 

-  +  Sets  an  account  for  DES-only  encryption. 

-  -  Releases  restriction  on  an  account  for  DES-only  encryption. 
IMPORTANT:  Beginning  with  Windows  7  and  Windows 

Server  2008  R2  ,  Windows  does  not  support  DES  by  default. 

/in 

Specifies  the  .keytab  file  to  read  from  a  host  computer  that  is 
not  running  the  Windows  operating  system. 

/pass  {Password[*|{-|+}rndpass} 

Specifies  a  password  for  the  principal  user  name  that  is 
specified  by  the  princ  parameter.  Use  to  prompt  for  a 
password. 

/minpass 

Sets  the  minimum  length  of  the  random  password  to  1  5 
characters. 

/maxpass 

Sets  the  maximum  length  of  the  random  password  to  256 
characters. 

/crypto  {DES-CBC-CRC|DES-CBC-MD5|RC4-HMAC- 
NT|AES256-SHA1  |AES1 28-SHA1  |AII} 

Specifies  the  keys  that  are  generated  in  the  keytab  file: 

-  DES-CBC-CRC  is  used  for  compatibility. 

-  DES-CBC-MD5  adheres  more  closely  to  the  MIT 
implementation  and  is  used  for  compatibility. 

-  RC4-HMAC-NT  employs  128-bit  encryption. 

-  AES256-SHA1  employs  AES256-CTS-HMAC-SHA1 -96 
encryption. 

-  AES128-SHA1  employs  AES128-CTS-HMAC-SHA1  -96 
encryption. 

-  All  states  that  all  supported  cryptographic  types  can  be 
used.  Note:  The  default  settings  are  based  on  older  MIT 
versions.  Therefore,  /crypto  should  always  be  specified. 

/itercount 

Specifies  the  iteration  count  that  is  used  for  AES  encryption. 
The  default  is  that  itercount  is  ignored  for  non-AES 
encryption  and  set  at  4,096  for  AES  encryption. 

/ptype 

{KRB5_NT_PRINCIPAL|KRB5_NT_SRV_INST|KRB5_NT_SRV_HST} 

Specifies  the  principal  type. 

-  KRB5_NT_PRINCIPAL  is  the  general  principal  type 
(recommended). 

-  KRB5_NT_SRV_INST  is  the  user  service  instance. 

-  KRB5_NT_SRV_HST  is  the  host  service  instance. 

/kvno 

Specifies  the  key  version  number.  The  default  value  is  1 . 

PARAMETER 


DESCRIPTION 


/answer  {-|+}  Sets  the  background  answer  mode: 

-  Answers  reset  password  prompts  automatically  with  NO. 


+  Answers  reset  password  prompts  automatically  with  YES. 


/target 

Sets  which  domain  controller  to  use.  The  default  is  for  the 
domain  controller  to  be  detected,  based  on  the  principal 
name.  If  the  domain  controller  name  does  not  resolve,  a  dialog 
box  will  prompt  for  a  valid  domain  controller. 

/rawsalt 

forces  ktpass  to  use  the  rawsalt  algorithm  when  generating 
the  key.  This  parameter  is  not  needed. 

{-|+}dumpsalt 

The  output  of  this  parameter  shows  the  MIT  salt  algorithm 
that  is  being  used  to  generate  the  key. 

{-|+}setupn 

Sets  the  user  principal  name  (UPN)  in  addition  to  the  service 
principal  name  (SPN).  The  default  is  to  set  both  in  the  .keytab 
file. 

{-|+}setpass 

Sets  the  user's  password  when  supplied.  If  rndpass  is  used,  a 
random  password  is  generated  instead. 

/?|/h|/help 

Displays  command-line  help  for  ktpass. 

remarks 

Services  running  on  systems  that  are  not  running  the  Windows  operating  system  can  be  configured  with  service 
instance  accounts  in  active  directory  Domain  Services.  This  allows  any  Kerberos  client  to  authenticate  to  services 
that  are  not  running  the  Windows  operating  system  by  using  Windows  KDCs. 

The  /princ  parameter  is  not  evaluated  by  ktpass  and  is  used  as  provided.  There  is  no  check  to  see  if  the  parameter 
matches  the  exact  case  of  the  userPrincipalName  attribute  value  when  generating  the  Keytab  file.  Case  sensitive 
Kerberos  distributions  using  this  Keytab  file  might  have  problems  when  there  is  no  exact  case  match  and  could  fail 
during  pre-authentication.  Check  and  retrieve  the  correct  userPrincipalName  attribute  value  from  a  LDifDE 
export  file.  For  example: 

ldifde  /f  keytab_user.ldf  /d  "CN=Keytab  UserJOU=UserAccountsJDC=contoso,DC=corp)DC=microsoftJDC=com"  /p  base  /I 
samaccountname, userprincipalname 

Examples 

The  following  example  illustrates  how  to  create  a  Kerberos  .keytab  file,  machine.keytab,  in  the  current  directory  for 
the  user  Samplel .  (You  will  merge  this  file  with  the  Krb5. keytab  file  on  a  host  computer  that  is  not  running  the 
Windows  operating  system.)  The  Kerberos  .keytab  file  will  be  created  for  all  supported  encryption  types  for  the 
general  principal  type. 

To  generate  a  .keytab  file  for  a  host  computer  that  is  not  running  the  Windows  operating  system,  use  the  following 
steps  to  map  the  principal  to  the  account  and  set  the  host  principal  password: 

1 .  Use  the  active  directory  User  and  computers  snap-in  to  create  a  user  account  for  a  service  on  a  computer  that  is 
not  running  the  Windows  operating  system.  For  example,  create  an  account  with  the  name  Samplel . 

2.  Use  ktpass  to  set  up  an  identity  mapping  for  the  user  account  by  typing  the  following  at  a  command  prompt: 


ktpass  /princ  host/Samplel. contoso.com@CONTOSO.COM  /mapuser  Samplel  /pass  MyPas$w0rd  /out  Samplel.keytab 
/crypto  all  /ptype  KRB5_NT_PRINCIPAL  /mapop  set 


NOTE 

You  cannot  map  multiple  service  instances  to  the  same  user  account. 


3.  Merge  the  .keytab  file  with  the  /Etc/Krb5.keytab  file  on  a  host  computer  that  is  not  running  the  Windows 
operating  system. 

additional  references 

Command-Line  Syntax  Key 


label 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Creates,  changes,  or  deletes  the  volume  label  (that  is,  the  name)  of  a  disk.  If  used  without  parameters,  the  label 
command  changes  the  current  volume  label  or  deletes  the  existing  label. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

label  [ / mp ]  [<Volume>]  [<Label>] 


Parameters 


PARAMETER 

DESCRIPTION 

/mp 

Specifies  that  the  volume  should  be  treated  as  a  mount  point 
or  volume  name. 

<Volume> 

Specifies  a  drive  letter  (followed  by  a  colon),  mount  point,  or 
volume  name.  If  a  volume  name  is  specified,  the  /mp 
parameter  is  unnecessary. 

<Label> 

Specifies  the  label  for  the  volume. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Windows  displays  the  volume  label  and  serial  number  (if  it  has  one)  as  part  of  the  directory  listing. 

•  An  NTFS  volume  label  can  be  up  to  32  characters  in  length,  including  spaces.  NTFS  volume  labels  retain  and 
display  the  case  that  was  used  when  the  label  was  created. 

•  If  you  do  not  specify  a  value  for  the  Label  parameter,  the  label  command  displays  output  in  the  following 

format: 

Volume  in  drive  C:  xxxxxxxxxxx  Volume  Serial  Number 
none) ? 

is  xxxx-xxxx  Volume  label  (32  characters,  ENTER  for 

You  can  type  a  new  volume  label  or  press  ENTER  to  keep  the  current  label.  If  you  press  ENTER  and  the  volume 
currently  has  a  label,  the  label  command  prompts  you  with  the  following  message: 

Delete  current  volume  label  (Y/N)? 

Press  Y  to  delete  the  label,  or  press  N  to  keep  the  label. 

Examples 

To  label  a  disk  in  drive  A  that  contains  sales  information  for  July,  type: 
label  a:sales-july 


To  delete  the  current  label  for  drive  C,  follow  these  steps: 


1.  At  the  command  prompt,  type: 

Label 

Output  similar  to  the  following  should  be  displayed: 

Volume  in  drive  C:  is  Main  Disk  Volume  Serial  Number  is  6789-ABCD  Volume  label  (32  characters,  ENTER  for 
none)  ? 

2.  Press  ENTER.  The  following  prompt  should  be  displayed: 

Delete  current  volume  label  (Y/N)? 

3.  Press  Y  to  delete  the  current  label. 

Additional  references 

Command-Line  Syntax  Key 


lodctr 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Allows  you  to  register  or  save  performance  counter  name  and  registry  settings  in  a  file  and  designate  trusted 
services. 

Syntax 

lodctr  <filename>  [/s:<filename>]  [/r:<filename>]  [/t:<servicename>] 


Parameters 


PARAMETER 

DESCRIPTION 

Registers  the  Performance  counter  name  settings  and  Explain 
text  provided  in  initialization  file  FileName. 

/s: 

Saves  Performance  counter  registry  settings  and  Explain  text 
to  file . 

/r 

Restores  counter  registry  settings  and  Explain  text  from 
current  registry  settings  and  cached  performance  files  related 
to  the  registry. 

This  option  is  available  only  in  the  Windows  Server  2003 
operating  system. 

/r: 

Restores  Performance  counter  registry  settings  and  Explain 
text  from  file  .  Warning:  if  you  use  the  lodctr  /r  command, 
you  will  overwrite  all  Performance  counter  registry  settings 
and  Explain  text,  replacing  them  with  the  configuration  defined 
in  the  file  specified. 

A: 

Indicates  that  service  is  trusted. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

If  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 

Examples 

To  save  the  current  Performance  registry  settings  and  counter  Explain  text  to  file  perf  backup1.txt: 

lodctr  /s:"perf  backupl.txt" 


additional  references 

•  Command-Line  Syntax  Key 


logman 

1 0/1 7/2017  *1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

logman  creates  and  manages  Event  Trace  Session  and  Performance  logs  and  supports  many  functions  of 
Performance  Monitor  from  the  command  line. 


Syntax 


logman  [create  |  query  | 

start  |  stop  |  delete|  update  |  import  |  export  |  /?]  [options] 

Actions 

ACTION 

DESCRIPTION 

logman  create 

create  a  counter,  trace,  configuration  data  collector,  or  API. 

logman  query 

query  data  collector  properties. 

logman  start  |  stop 

start  or  stop  data  collection. 

logman  delete 

delete  an  existing  data  collector. 

logman  update 

Update  the  properties  of  an  existing  data  collector. 

logman  import  |  export 

import  a  data  collector  set  from  an  XML  file  or  export  a  data 
collector  set  to  an  XML  file. 

logman  create 

4/13/2018  •  1  min  to  read  •  EditOnline 

Syntax 

logman  create  ccounter  |  trace  |  alert  |  cfg 

api>  <[-n]  <name>>  [options] 

Parameters 

PARAMETER 

DESCRIPTION 

logman  create  counter 

Create  a  counter  data  collector. 

logman  create  trace 

Create  a  trace  data  collector. 

logman  create  alert 

Create  an  alert  data  collector. 

logman  create  cfg 

Create  a  configuration  data  collector. 

logman  create  api 

Create  an  API  tracing  data  collector. 

Additional  references 


logman  query 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

query  data  collector  or  data  collector  set  properties. 


Syntax 


logman  query  [providers | "Data  Collector  Set  name"] 

[options] 

Parameters 

PARAMETER 

DESCRIPTION 

/? 

Displays  context-sensitive  help. 

-s 

Perform  the  command  on  the  specified  remote  computer. 

-config 

Specifies  the  settings  file  containing  command  options. 

[n] 

Name  of  the  target  object. 

-ets  Send  commands  to  Event  Trace  Sessions  directly  without 

saving  or  scheduling. 


Examples 

The  following  command  lists  all  Data  Collector  Sets  configured  on  the  target  system. 


logman  query 


The  following  command  lists  the  data  collectors  contained  in  the  Data  Collector  Set  named  perfjog. 


logman  query  "perf_log" 


The  following  command  lists  all  available  providers  of  data  collectors  on  the  target  system. 


logman  query  providers 

additional  references 


logman 


logman  start  |  stop 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

start  a  data  collector  and  set  the  begin  time  to  manual,  or  stop  a  data  collector  set  and  set  the  end  time  to  manual. 

Syntax 

logman  start  <[-n]  <name>>  [options] 
logman  stop  <[-n]  <name>>  [options] 


Parameters 


PARAMETER 

DESCRIPTION 

-? 

Displays  context-sensitive  help. 

-s 

Perform  the  command  on  the  specified  remote  computer. 

-config 

Specifies  the  settings  file  containing  command  options. 

[-n] 

Name  of  the  target  object. 

-ets 

Send  commands  to  Event  Trace  Sessions  directly  without 
saving  or  scheduling. 

-as 

Perform  the  requested  operation  asynchronously. 

Examples 

The  following  command  starts  the  data  collector  perfjog  on  the  remote  computer  server_1 . 
logman  start  perf_log  -s  server_l 

additional  references 

logman 


logman  delete 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

delete  an  existing  data  collector. 

Syntax 

logman  delete  <[-n]  <name>>  [options] 

Parameters 

PARAMETER 

DESCRIPTION 

/? 

Displays  context-sensitive  help. 

-s 

Perform  the  command  on  the  specified  remote  computer. 

-config 

Specifies  the  settings  file  containing  command  options. 

[-n] 

Name  of  the  target  data  collector. 

-ets 

Send  commands  to  Event  Trace  Sessions  directly  without 
saving  or  scheduling. 

-[-]u  <user  [password] > 

Specifies  the  user  to  Run  As.  Entering  a  *  for  the  password 
produces  a  prompt  for  the  password.  The  password  is  not 
displayed  when  you  type  it  at  the  password  prompt. 

Examples 

The  following  command  deletes  the  data  collector  perfjog. 

logman  delete  perf_log 

additional  references 


logman 


logman  update 
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Update  an  existing  data  collector. 

Syntax 

logman  update  ccounter  |  trace  |  alert  |  cfg 

api>  <[-n]  <name>>  [options] 

Parameters 

PARAMETER 

DESCRIPTION 

logman  update  counter 

Update  a  counter  data  collector. 

logman  update  trace 

Update  a  trace  data  collector. 

logman  update  alert 

Update  an  alert  data  collector. 

logman  update  cfg 

Update  a  configuration  data  collector. 

logman  update  api 

Update  an  API  tracing  data  collector. 

Additional  references 

Logman 


logman  import  |  export 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

import  a  Data  Collector  Set  from  an  XML  file,  or  export  a  Data  Collector  Set  to  an  XML  file. 

Syntax 

logman  import  <[-n]  <name>>  <-xml  <name>>  [options] 
logman  export  <[-n]  <name>>  oxml  <name>>  [options] 


Parameters 

PARAMETER 

DESCRIPTION 

-? 

Displays  context-sensitive  help. 

-s 

Perform  the  command  on  the  specified  remote  computer. 

-config 

Specifies  the  settings  file  containing  command  options. 

[n] 

Name  of  the  target  object. 

-xml 

Name  of  the  XML  file  to  import  or  export. 

-ets 

Send  commands  to  Event  Trace  Sessions  directly  without 
saving  or  scheduling. 

-[-]u  <user  [password] > 

User  to  Run  As.  Entering  a  *  for  the  password  produces  a 
prompt  for  the  password.  The  password  is  not  displayed  when 
you  type  it  at  the  password  prompt. 

-y 

Answer  yes  to  all  questions  without  prompting. 

Examples 

The  following  command  imports  the  XML  file  c:\windows\perf_log.xml  from  the  computer  server_1  as  a  data 
collector  set  called  perfjog. 

logman  import  perf_log  -s  server_l  -xml  "c:\windows\perf_log.xml" 

additional  references 

logman 


logoff 

10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Logs  off  a  user  from  a  session  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server  and  deletes  the  session 
from  the  server,  for  examples  of  how  to  use  this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 

logoff  [<SessionName>  |  <SessionID>]  [/server: <ServerName>]  [/v] 


Parameters 


PARAMETER  DESCRIPTION 


Specifies  the  name  of  the  session. 

Specifies  the  numeric  ID  which  identifies  the  session  to  the 

server. 

/server: 

Specifies  the  rd  Session  Host  server  that  contains  the  session 
whose  user  you  want  to  log  off.  If  unspecified,  the  server  on 
which  you  are  currently  active  is  used. 

/v 

Displays  information  about  the  actions  being  performed. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  You  can  always  log  off  from  the  session  to  which  you  are  currently  logged  on.  You  must,  however,  have  Full 
Control  permission  to  log  off  users  from  other  sessions. 

•  Logging  off  a  user  from  a  session  without  warning  can  result  in  loss  of  data  at  the  user's  session.  You  should 
send  a  message  to  the  user  by  using  the  msg  command  to  warn  the  user  before  taking  this  action. 

•  if  <SessionlD>  or  <SessionName>  is  not  specified,  logoff  logs  off  the  user  from  the  current  session.  If  you 
specify  <SessionName>,  it  must  be  an  active  one. 

•  When  you  log  off  a  user,  all  processes  end  and  the  session  is  deleted  from  the  server. 

•  You  cannot  log  off  a  user  from  the  console  session.  ##  Examples 

•  To  log  off  a  user  from  the  current  session,  type:  logoff 


•  To  log  off  a  user  from  a  session  by  using  the  session's  ID,  for  example  session  1 2,  type:  logoff  12 

•  To  log  off  a  user  from  a  session  by  using  the  name  of  the  session  and  server,  for  example  session  TERM04  on 
Serverl ,  type:  logoff  TERM04  /server:Serverl 

additional  references 

•  Command-Line  Syntax  Key 

•  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


Ipq 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  the  status  of  a  print  queue  on  a  computer  running  Line  printer  Daemon  (LPD). 

Syntax 

lpq  -S  <ServerName>  -P  <printerName>  [-1] 


Parameters 

PARAMETER  DESCRIPTION 

-S  Specifies  (by  name  or  IP  address)  the  computer  or  printer 

sharing  device  that  hosts  the  LPD  print  queue  with  a  status 
that  you  want  to  display.  Required. 


-P  Specifies  (by  name)  the  printer  for  the  print  queue  with  a 

status  that  you  want  to  display.  Required. 

-I  Specifies  that  you  want  to  display  details  about  the  status  of 

the  print  queue. 

/?  Displays  help  at  the  command  prompt. 

remarks 

The  -S  and  -P  parameters  are  case  sensitive  and  must  be  typed  in  upper-case  letters. 

Examples 

This  example  shows  how  to  display  the  status  of  the  Laserprinterl  printer  queue  on  an  LPD  host  at  10.0.0.45: 

lpq  -S  10.0.0.45  -P  Laserprinterl 

additional  references 

Command-Line  Syntax  Key 
print  Command  Reference 


Ipr 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Sends  a  file  to  a  computer  or  printer  sharing  device  running  the  Line  printer  Daemon  (LPD)  service  in  preparation 
for  printing. 

Syntax 

lpr  [-S  <ServerName>]  -P  <printerName>  [-C  <BannerContent>]  [-]  <DobName>]  [-o  |  "-o  1"]  [ - x ]  [-d]  <filename> 

<11  !► 


Parameters 


PARAMETER 

DESCRIPTION 

-s 

Specifies  (by  name  or  IP  address)  the  computer  or  printer 
sharing  device  that  hosts  the  LPD  print  queue  with  a  status 
that  you  want  to  display.  Required. 

-p 

Specifies  (by  name)  the  printer  for  the  print  queue  with  a 
status  that  you  want  to  display.  Required. 

-c 

Specifies  the  content  to  print  on  the  banner  page  of  the  print 
job.  If  you  do  not  include  this  parameter,  the  name  of  the 
computer  from  which  the  print  job  was  sent  appears  on  the 
banner  page. 

-J 

Specifies  the  print  job  name  that  will  be  printed  on  the  banner 
page.  If  you  do  not  include  this  parameter,  the  name  of  the  file 
being  printed  appears  on  the  banner  page. 

[-o|  "-o  1"] 

Specifies  the  type  of  file  that  you  want  to  print.  The  parameter 
-o  specifies  that  you  want  to  print  a  text  file.  The  parameter 
o  1"  specifies  that  you  want  to  print  a  binary  file  (for  example, 
a  PostScript  file). 

-d 

Specifies  that  the  data  file  must  be  sent  before  the  control  file. 
Use  this  parameter  if  your  printer  requires  the  data  file  to  be 
sent  first.  For  more  information,  see  your  printer 
documentation. 

-x 

Specifies  that  the  Ipr  command  must  be  compatible  with  the 

Sun  Microsystems  operating  system  (referred  to  as  SunOS)  for 
releases  up  to  and  including  4.1 ,4_u1. 

Specifies  (by  name)  the  file  to  be  printed.  Required. 


/? 


Displays  help  at  the  command  prompt. 


remarks 

•  To  find  the  name  of  the  printer,  open  the  printers  folder. 

•  The  -S,  -P,  -C,  and  -J  parameters  are  case  sensitive  and  must  be  typed  in  upper-case  letters. 

##  Examples 

This  example  shows  how  to  print  the  "Document.txt"  text  file  to  the  Laserprinterl  printer  queue  on  an  LPD  host 
at  10.0.0.45: 

lpr  -S  10.0.0.45  -P  Laserprinterl  -o  Document.txt 

This  example  shows  how  to  print  the  "PostScript_file.ps"  Adobe  PostScript  file  to  the  Laserprinterl  printer 
queue  on  an  LPD  host  at  10.0.0.45: 

lpr  -S  10.0.0.45  -P  Laserprinterl  "-o  1"  PostScript_file.ps 

additional  references 

•  Command-Line  Syntax  Key 

•  print  Command  Reference 


macfile 

1 0/1 7/2017  •  6  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Manages  File  Server  for  Macintosh  servers,  volumes,  directories,  and  files.  You  can  automate  administrative  tasks 

by  including  a  series  of  commands  in  batch  files  and  starting  them  manually  or  at  predetermined  times. 

•  To  modify  directories  in  Macintosh-accessible  volumes 

•  To  join  a  Macintosh  file's  data  and  resource  forks 

•  To  change  the  logon  message  and  limit  sessions 

•  To  add,  change,  or  remove  Macintosh-accessible  volumes 

To  modify  directories  in  Macintosh-accessible  volumes 

Syntax 

macfile  directory[/server:\\<computerName>]  /path : <directory>  [/owner: <OwnerName>]  [/group:<GroupName>] 
[/permissions :< Permissions >] 

Parameters 

•  /server:\\  Specifies  the  server  on  which  to  change  a  directory.  If  omitted,  the  operation  is  performed  on  the  local 
computer. 

•  /path:  Required.  Specifies  the  path  to  the  directory  that  you  want  to  change.  The  directory  must  exist,  macfile 
directory  does  not  create  directories. 

•  /owner:  changes  the  owner  of  the  directory.  If  omitted,  the  owner  remains  unchanged. 

•  /group:  Specifies  or  changes  the  Macintosh  primary  group  that  is  associated  with  the  directory.  If  omitted,  the 
primary  group  remains  unchanged. 

•  /permissions:  Sets  permissions  on  the  directory  for  the  owner,  primary  group,  and  world  (everyone).  An  1 1  - 
digit  number  is  used  to  set  permissions.  The  number  1  grants  permission  and  0  revokes  permission  (for 
example,  11111011 000).  If  omitted,  permissions  remain  unchanged.  The  position  of  the  digit  determines 
which  permission  is  set,  as  described  in  the  following  table. 


POSITION 

SETS  PERMISSION  FOR 

First 

OwnerSeeFiles 

Second 

OwnerSeeFolders 

Third 

OwnerMakechanges 

Fourth 

GroupSeeFiles 

Fifth 

GroupSeeFolders 

Sixth 

GroupMakechanges 

POSITION 


SETS  PERMISSION  FOR 


Seventh 

WorldSeeFiles 

Eighth 

WorldSeeFolders 

Ninth 

WorldMakechanges 

Tenth 

The  directory  cannot  be  renamed,  moved,  or  deleted. 

Eleventh 

The  changes  apply  to  the  current  directory  and  all 
subdirectories. 

•  /?  Displays  help  at  the  command  prompt 

remarks 

•  if  the  information  that  you  supply  contains  spaces  or  special  characters,  use  quotation  marks  around  the  text 
(for  example,  "computer  Name"). 

•  Use  macfiledirectory  to  make  an  existing  directory  in  a  Macintosh-accessible  volume  available  to  Macintosh 
users.  The  macfiledirectory  command  does  not  create  directories.  Use  File  Manager,  the  command  prompt,  or 
the  macintosh  new  folder  command  to  create  a  directory  in  a  Macintosh-accessible  volume  before  you  use 
the  macfile  directory  command.  ###  Examples  The  following  example  changes  the  permissions  of  the 
subdirectory  May  sales,  in  the  Macintosh-accessible  volume  Statistics,  on  the  E  drive  of  the  local  server.  The 
example  assigns  See  Files,  See  Folders,  and  Make  changes  permissions  to  the  owner  and  See  Files  and  See 

Folders  permissions  to  all  other  users,  while  preventing  the  directory  from  being  renamed,  moved,  or  deleted. 

macfile  directory  /path : "e: \statistics\may  sales" 

/permissions : 11111011000 

To  join  a  Macintosh  file's  data  and  resource  forks 

Syntax 

macfile  forkize[/server:\\<computerName>]  [/creator: <CreatorName>]  [/type:<typeName>]  [/datafork:<Filepath>] 
[/resourcefork:<Filepath>]  /targetfile: <Filepath> 

Parameters 

PARAMETER 

DESCRIPTION 

/server:\\ 

Specifies  the  server  on  which  to  join  files.  If  omitted,  the 
operation  is  performed  on  the  local  computer. 

/creator: 

Specifies  the  creator  of  the  file.  The  Macintosh  finder  uses  the 
/creator  command-line  option  to  determine  the  application 
that  created  the  file. 

/type: 

Specifies  the  type  of  file.  The  Macintosh  finder  uses  the  /type 
command-line  option  to  determine  the  file  type  within  the 
application  that  created  the  file. 

/datafork: 

Specifies  the  location  of  the  data  fork  that  is  to  be  joined.  You 
can  specify  a  remote  path. 

/resourcefork: 

Specifies  the  location  of  the  resource  fork  that  is  to  be  joined. 

You  can  specify  a  remote  path. 

PARAMETER 


DESCRIPTION 


/targetfile:  Required.  Specifies  the  location  of  the  file  that  is  created  by 

joining  a  data  fork  and  a  resource  fork,  or  specifies  the 
location  of  the  file  whose  type  or  creator  you  are  changing. 
The  file  must  be  on  the  specified  server. 


/?  Displays  help  at  the  command  prompt. 

remarks 

•  if  the  information  that  you  supply  contains  spaces  or  special  characters,  use  quotation  marks  around  the  text 
(for  example,  "computer  Name"). 

Examples 

To  create  the  file  treeapp  on  the  Macintosh-accessible  volume  D:\Release,  using  the  resource  fork 
C:\Cross\Mac\Appcode,  and  to  make  this  new  file  appear  to  Macintosh  clients  as  an  application  (Macintosh 
applications  use  the  type  APPL)  with  the  creator  (signature)  set  to  MAGNOLIA,  type: 

macfile  forkize  /resourcefork: c:\cross\mac\appcode  /type:APPL  /creator: MAGNOLIA  /targetfile :D: \Release\treeapp 

To  change  the  file  creator  to  Microsoft  Word  5.1,  for  the  file  WOrd.txt  in  the  directory  D:\Word  documents\Group 
files,  on  the  server  \\SERverA,  type: 

macfile  forkize  /server:\\servera  /creator :MSWD  /type:TEXT  /targetfile: "d : \Word  documents\Group  files\Word.txt" 


To  change  the  logon  message  and  limit  sessions 


Syntax 

macfile  server  [/server:\\<computerName>] 

[/maxsessions : {Number  |  unlimited}]  [/loginmessage:<Message>] 

Parameters 

PARAMETER 

DESCRIPTION 

/server:\\  Specifies  the  server  on  which  to  change  parameters.  If 

omitted,  the  operation  is  performed  on  the  local  computer. 


/maxsessions:{Number  |  unlimited}  Specifies  the  maximum  number  of  users  who  can 

simultaneously  use  File  and  print  Servers  for  Macintosh.  If 
omitted,  the  maxsessions  setting  for  the  server  remains 
unchanged. 


/loginmessage:  changes  the  message  Macintosh  users  see  when  logging  on  to 

the  File  Server  for  Macintosh  server.  The  maximum  number  of 
characters  for  the  logon  message  is  199.  If  omitted,  the 
loginmessage  message  for  the  server  remains  unchanged.  To 
remove  an  existing  logon  message,  include  the 
/loginmessage  parameter,  but  leave  the  Message  variable 
blank. 


/? 


Displays  help  at  the  command  prompt. 


remarks 

•  if  the  information  that  you  supply  contains  spaces  or  special  characters,  use  quotation  marks  around  the  text 
(for  example,  "computer  Name”). 

Examples 

To  change  the  number  of  File  and  print  Server  for  Macintosh  sessions  that  are  permitted  on  the  local  server  from 
the  current  setting  to  five  sessions,  and  to  add  the  logon  message  "Log  off  from  Server  for  Macintosh  when  you 
are  finished.",  type: 

macfile  server  /maxsessions : 5  /loginmessage : "Log  off  from  Server  for  Macintosh  when  you  are  finished." 


To  add,  change,  or  remove  Macintosh-accessible  volumes 

Syntax 

macfile  volume  {/add|/set}  [/server:\\<computerName>]  /name:<volumeName>/path:<directory>[/readonly:{true  | 
false}]  [/guestsallowed : {true  |  false}]  [/password : <Password>]  [/maxusers : {<Number>> | unlimited}] 
macfile  volume  /remove[/server: \\<computerName>]  /name:<volumel\lame> 


Parameters 

PARAMETER 


DESCRIPTION 


{/add  |  /set] 

Required  when  you  are  adding  or  changing  a  Macintosh- 
accessible  volume,  adds  or  changes  the  specified  volume. 

/server:\\ 

Specifies  the  server  on  which  to  add,  change,  or  remove  a 
volume.  If  omitted,  the  operation  is  performed  on  the  local 
computer. 

/name: 

Required.  Specifies  the  volume  name  to  be  added,  changed,  or 
removed. 

/path: 

Required  and  valid  only  when  you  are  adding  a  volume. 
Specifies  the  path  to  the  root  directory  of  the  volume  to  be 
added. 

/readonly:{true  |  false] 

Specifies  whether  users  can  change  files  in  the  volume,  type 
true  to  specify  that  users  cannot  change  files  in  the  volume, 
type  false  to  specify  that  users  can  change  files  in  the  volume. 

If  omitted  when  adding  a  volume,  changes  to  files  are  allowed. 
If  omitted  when  changing  a  volume,  the  readonly  setting  for 
the  volume  remains  unchanged. 

/guestsallowed:{true  |  false] 

Specifies  whether  users  who  log  on  as  guests  can  use  the 
volume,  type  true  to  specify  that  guests  can  use  the  volume, 
type  false  to  specify  that  guests  cannot  use  the  volume.  If 
omitted  when  adding  a  volume,  guests  can  use  the  volume.  If 
omitted  when  changing  a  volume,  the  guestsallowed  setting 
for  the  volume  remains  unchanged. 

/password: 

Specifies  a  password  that  will  be  required  to  access  the 
volume.  If  omitted  when  adding  a  volume,  no  password  is 
created.  If  omitted  when  changing  a  volume,  the  password 
remains  unchanged. 

PARAMETER 


DESCRIPTION 


/maxusers:{>|unlimited}  Specifies  the  maximum  number  of  users  who  can 

simultaneously  use  the  files  on  the  volume.  If  omitted  when 
adding  a  volume,  an  unlimited  number  of  users  can  use  the 
volume.  If  omitted  when  changing  a  volume,  the  maxusers 
value  remains  unchanged. 


/remove  Required  when  you  are  removing  a  Macintosh-accesible 

volume,  removes  the  specified  volume. 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  if  the  information  that  you  supply  contains  spaces  or  special  characters,  use  quotation  marks  around  the  text 
(for  example,  "computer  Name"). 

Examples 

To  create  a  volume  called  US  Marketing  Statistics  on  the  local  server,  using  the  Stats  directory  in  the  E  drive,  and  to 
specify  that  the  volume  cannot  be  accessed  by  guests,  type: 

macfile  volume  /add  /name:"US  Marketing  Statistics"  /guestsallowed :false  /path:e:\Stats 

To  change  the  volume  created  above  to  be  read-only  and  to  require  a  password,  and  to  set  the  number  of 
maximum  users  to  five,  type: 

macfile  volume  /set  /name:"US  Marketing  Statistics"  /readonly :true  /password : saturn  /maxusers:5 

To  add  a  volume  called  Landscape  Design,  on  the  server  \\Magnolia,  using  the  trees  directory  in  the  E  drive,  and  to 
specify  that  the  volume  can  be  accessed  by  guests,  type: 

macfile  volume  /add  /server:\\Magnolia  /name: "Landscape  Design"  /path:e:\trees 

To  remove  the  volume  called  Sales  Reports  on  the  local  server,  type: 

macfile  volume  /remove  /name: "Sales  Reports" 


additional  references 


•  Command-Line  Syntax  Key 


makecab 

4/1 3/2018  *1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Package  existing  files  into  a  cabinet  (.cab)  file. 

Syntax 

makecab  [ /v [ n ] ]  [/d  var=<value>  ...]  [/I  <dir>]  <source>  [<destination>] 
makecab  [ /v [ < n > ] ]  [/d  var=<value>  ...]  /f  <directives_file>  [...] 


Parameters 


PARAMETER 

DESCRIPTION 

File  to  compress. 

File  name  to  give  compressed  file.  If  omitted,  the  last  character 
of  the  source  file  name  is  replaced  with  an  underscore  (_)  and 
used  as  the  destination. 

/f  <directives_file> 

A  file  with  makecab  directives  (may  be  repeated). 

/d  var= 

Defines  variable  with  specified  value. 

/I 

Location  to  place  destination  (default  is  current  directory). 

/v[] 

Set  debugging  verbosity  level  (0=none,...,3=full). 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  Refer  to  Microsoft  Cabinet  format  on  MSDN  for  information  on  directive_file. 

additional  references 


•  Command-Line  Syntax  Key 


manage-bde 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Used  to  turn  on  or  turn  off  BitLocker,  specify  unlock  mechanisms,  update  recovery  methods,  and  unlock 
BitLocker-protected  data  drives.  This  command-line  tool  can  be  used  in  place  of  the  BitLocker  Drive 
Encryption  Control  Panel  item.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  [-status]  [-on]  [-off]  [-pause]  [-resume]  [-lock]  [-unlock]  [-autounlock]  [-protectors]  [-tpm] 
[-Setldentifier]  [-ForceRecovery]  [-changepassword]  [-changepin]  [-changekey]  [-KeyPackage]  [-upgrade]  [- 
WipeFreeSpace]  [{-?|/?}]  [{-help|-h}] 

Parameters 


PARAMETER 

DESCRIPTION 

Manage-bde:  status 

Provides  information  about  all  drives  on  the  computer, 
whether  or  not  they  are  BitLocker-protected. 

Manage-bde:  on 

Encrypts  the  drive  and  turns  on  BitLocker. 

Manage-bde:  off 

Decrypts  the  drive  and  turns  off  BitLocker.  All  key  protectors 
are  removed  when  decryption  is  complete. 

Manage-bde:  pause 

Pauses  encryption  or  decryption. 

Manage-bde:  resume 

Resumes  encryption  or  decryption. 

Manage-bde:  lock 

Prevents  access  to  BitLocker-protected  data. 

Manage-bde:  unlock 

Allows  access  to  BitLocker-protected  data  with  a  recovery 
password  or  a  recovery  key. 

Manage-bde:  autounlock 

Manages  automatic  unlocking  of  data  drives. 

Manage-bde:  protectors 

Manages  protection  methods  for  the  encryption  key. 

Manage-bde:  tpm 

Configures  the  computer's  Trusted  Platform  Module  (TPM). 
This  command  is  not  supported  on  computers  running 
Windows  8  or  win8_server_2.  To  manage  the  TPM  on  these 
computers,  use  either  the  TPM  Management  MMC  snap-in 
or  the  TPM  Management  cmdlets  for  Windows  PowerShell. 

Manage-bde:  setidentifier 

Sets  the  drive  identifier  field  on  the  drive  to  the  value 
specified  in  the  Provide  the  unique  identifiers  for  your 
organization  Group  Policy  setting. 

PARAMETER 

DESCRIPTION 

Manage-bde:  ForceRecovery 

Forces  a  BitLocker-protected  drive  into  recovery  mode  on 
restart.  This  command  deletes  all  TPM-related  key  protectors 
from  the  drive.  When  the  computer  restarts,  only  a  recovery 
password  or  recovery  key  can  be  used  to  unlock  the  drive. 

Manage-bde:  changepassword 

Modifies  the  password  for  a  data  drive. 

Manage-bde:  changepin 

Modifies  the  PIN  for  an  operating  system  drive. 

Manage-bde:  changekey 

Modifies  the  startup  key  for  an  operating  system  drive. 

Manage-bde:  Key  Package 

Generates  a  key  package  for  a  drive. 

Manage-bde:  upgrade 

Upgrades  the  BitLocker  version. 

Manage-bde:  WipeFreeSpace 

Wipes  the  free  space  on  a  drive. 

-?  or/? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  displays  the  drives  on  the  computer  and  identifies  whether  or  not  they  are  BitLocker- 
protected  and  the  current  encryption  status. 

manage-bde  -status 

The  following  example  illustrates  enabling  BitLocker  on  drive  C  with  the  option  of  a  recovery  password.  The 
recovery  password  will  be  generated  by  BitLocker  and  displayed  on  the  screen  so  that  you  can  record  it. 

manage-bde  -on  C:  -recoverypassword 

The  following  example  illustrates  unlocking  a  BitLocker-protected  drive  by  using  a  recovery  password, 
manage-bde  -unlock  E:  -recoverypassword  111111-222222-333333-444444-555555-666666-777777-888888 

Additional  references 


•  Command-Line  Syntax  Key 

•  Enabling  BitLocker  by  Using  the  Command  Line 


manage-bde:  status 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Provides  the  following  information  about  all  drives  on  the  computer;  whether  or  not  they  are  BitLocker-protected: 

•  Size 

•  BitLocker  version 

•  Conversion  status 

•  Percentage  encrypted 

•  Encryption  method 

•  Protection  status 

•  Lock  status 

•  Identification  field 

•  Key  protectors 


For  examples  of  how  this  command  can  be  used, 

Syntax 

see  Examples. 

manage-bde  -status  [<Drive>]  [ -protectionaserrorlevel]  [ -computername  <Name>]  [{-? |/?}]  [ { - help | - h } ] 

Parameters 

PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-  protectionaserrorlevel 

Causes  the  Manage-bde  command-line  tool  to  send  the 
return  code  of  0  when  the  volume  is  protected  and  1  when 
the  volume  is  unprotected;  most  commonly  used  for  batch 
scripts  to  determine  if  a  drive  is  BitLocker-protected.  You  can 
also  use  -p  as  an  abbreviated  version  of  this  command. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-lor  n 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 


The  following  example  illustrates  using  the  -status  command  to  display  the  status  of  drive  C. 


manage-bde  -status  C: 


Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  on 

4/1 3/2018  •  4  min  to  read  •  Edit  Online 


Encrypts  the  drive  and  turns  on  BitLocker.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -on  <Drive>  {[-recoverypassword  <NumericalPassword>] | [-recovery key  <PathToExternalDirectory>] | [- 
stantupkey  <PathToExternalKeyDirectory>] | [-certificate] | 

[-tpmandpin] | [ -tpmandpinandstartupkey  <PathToExternalKeyDirectory>] | [-tpmandstartupkey 
<PathToExternalKeyDirectory>] | [-password] | [ -ADAccountOrGroup  <Domain\Account>] } 

[-UsedSpaceOnly] [ -encryptionmethod  {aesl28_diff user | aes256_dif fuser | aesl28 | aes256}]  [-skiphardwaretest]  [- 
discoveryvolumetype  <FileSystemType>]  [-ForceEncryptionType  <type>]  [-RemoveVolumeShadowCopies] [-computername 
<Name>] 

[{-?!/?}]  [{-help | -h}] 


Parameters 


PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-  recoverypassword 

Adds  a  numerical  password  protector.  You  can  also  use  -rp  as 
an  abbreviated  version  of  this  command. 

<NumericalPassword> 

Represents  the  recovery  password. 

-recovery key 

Adds  an  external  key  protector  for  recovery.  You  can  also  use  - 
rk  as  an  abbreviated  version  of  this  command. 

<  PathToExternalDirectory> 

Represents  the  directory  path  to  the  recovery  key. 

-startupkey 

Adds  an  external  key  protector  for  startup.  You  can  also  use  - 
sk  as  an  abbreviated  version  of  this  command. 

<  PathToExternalKeyDirectory> 

Represents  the  directory  path  to  the  startup  key. 

-certificate 

Adds  a  public  key  protector  for  a  data  drive.  You  can  also  use  - 
cert  as  an  abbreviated  version  of  this  command. 

-tpmandpin 

Adds  a  Trusted  Platform  Module  (TPM)  and  personal 
identification  number  (PIN)  protector  for  the  operating  system 
drive.  You  can  also  use  -tp  as  an  abbreviated  version  of  this 
command. 

-tpmandstartupkey 

Adds  a  TPM  and  startup  key  protector  for  the  operating 
system  drive.  You  can  also  use  -tsk  as  an  abbreviated  version 
of  this  command. 

-tpmandpinandstartupkey 

Adds  a  TPM,  PIN,  and  startup  key  protector  for  the  operating 
system  drive.  You  can  also  use  -tpsk  as  an  abbreviated  version 
of  this  command. 

PARAMETER 


DESCRIPTION 


-password 

Adds  a  password  key  protector  for  the  data  drive.  You  can  also 
use  -pw  as  an  abbreviated  version  of  this  command. 

-ADAccountOrGroup 

Adds  a  SID- based  identity  protector  for  the  volume.  The 
volume  will  automatically  unlock  if  the  user  or  computer  has 
the  proper  credentials.  When  specifying  a  computer  account, 
append  a  $  to  the  computer  name  and  specify  -service  to 
indicate  that  the  unlock  should  happen  in  the  content  of  the 
BitLocker  server  instead  of  the  user.  You  can  also  use  -sid  as 

an  abbreviated  version  of  this  command. 

-UsedSpaceOnly 

Sets  the  encryption  mode  to  Used  Space  Only  encryption.  The 
sections  of  the  volume  containing  used  space  will  be 
encrypted  but  the  free  space  will  not.  If  this  option  is  not 
specified,  all  used  space  and  free  space  on  the  volume  will  be 
encrypted..  You  can  also  use  -used  as  an  abbreviated  version 
of  this  command. 

-encryptionMethod 

Configures  the  encryption  algorithm  and  key  size.  You  can  also 
use  -em  as  an  abbreviated  version  of  this  command. 

-skiphardwaretest 

Begins  encryption  without  a  hardware  test.  You  can  also  use  -s 
as  an  abbreviated  version  of  this  command. 

-discoveryvolumetype 

Specifies  the  file  system  to  use  for  the  discovery  data  drive. 

The  discovery  data  drive  is  a  hidden  drive  added  to  a  FAT- 
formatted,  BitLocker-protected  removable  data  drive  that 
contains  the  BitLocker  To  Go  Reader  so  that  Windows  Vista  or 
Windows  XP  operating  systems  can  be  used  to  view  BitLocker- 
protected  drives. 

-ForceEncryptionType 

Forces  BitLocker  to  use  either  software  or  hardware 
encryption.  You  can  specify  either  Hardware  or  Software  as 
the  encryption  type.  If  the  hardware  parameter  is  selected, 
but  the  drive  does  not  support  hardware  encryption,  manage- 
bde  returns  an  error.  If  Group  Policy  settings  forbids  the 
specified  encryption  type,  manage-bde  returns  an  error.  You 
can  also  use  -fet  as  an  abbreviated  version  of  this  command. 

-  RemoveVolu  meShadowCopies 

Force  deletikon  of  Volume  Shadow  Copies  for  the  volume.  You 
will  not  be  able  to  restore  this  volume  using  previous  system 
restore  points  after  running  this  command.  You  can  also  use  - 
rvsc  as  an  abbreviated  version  of  this  command. 

<FileSystemType> 

Specifies  which  file  systems  can  be  used  with  discovery  data 
drives:  FAT32,  default,  or  none. 

-computername 

Specifies  that  Manage-bde  is  being  used  to  modify  BitLocker 
protection  on  a  different  computer.  You  can  also  use  -cn  as  an 
abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

PARAMETER 


DESCRIPTION 


-help  or  -h 


Displays  complete  Help  at  the  command  prompt. 


Examples 

The  following  example  illustrates  using  the  -on  command  to  turn  on  BitLocker  for  drive  C  and  add  a  recovery 
password  to  the  drive. 

manage-bde  -on  C:  -recoverypassword 

The  following  example  illustrates  using  the  -on  command  to  turn  on  BitLocker  for  drive  C,  add  a  recovery 
password  to  the  drive,  and  save  a  recovery  key  to  drive  E. 

manage-bde  -on  C:  -recoverykey  E:\  -recoverypassword 

The  following  example  illustrates  using  the  -on  command  to  turn  on  BitLocker  for  drive  C  by  using  an  external  key 
protector  (such  as  a  USB  key)  to  unlock  the  operating  system  drive.  This  method  is  required  if  you  are  using 
BitLocker  with  computers  that  do  not  have  a  TPM. 

manage-bde  -on  C:  -startupkey  E:\ 

The  following  example  illustrates  using  the  -on  command  to  turn  on  BitLocker  for  data  drive  E  and  add  a  password 
key  protector.  Manage-bde  will  prompt  you  to  enter  the  password  after  this  command  has  been  entered. 

manage-bde  -on  E:  -pw 

The  following  example  illustrates  using  the  -on  command  to  turn  on  BitLocker  for  operating  system  drive  C  and 
use  hardware-based  encryption. 

manage-bde  -on  C:  -fet  Hardware 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  off 

4/13/2018  •  1  min  to  read  •  EditOnline 

Decrypts  the  drive  and  turns  off  BitLocker.  All  key  protectors  are  removed  when  decryption  is  complete.  For 
examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -off  [<Volume>]  [-computername  <Name>]  [ { -  ?  |  / : 

?}]  [ { - help | -h}] 

Parameters 

PARAMETER 

DESCRIPTION 

<Volume> 

A  drive  letter  followed  by  a  colon,  a  volume  GUID  path,  or  a 
mounted  volume. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -off  command  to  turn  off  BitLocker  on  drive  C. 

manage-bde  -off  C: 

Additional  references 


•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde: 

pause 

4/13/2018  •  1  min  to  read 

•  Edit  Online 

Pauses  BitLocker  encryption  or  decryption.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -pause  <Volume>  [-computername  <Name>]  [{-? |/?}]  [ { - help | - h} ] 

Parameters 

PARAMETER 

DESCRIPTION 

<Volume> 

A  drive  letter  followed  by  a  colon,  a  volume  GUID  path,  or  a 
mounted  volume. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -pause  command  to  pause  BitLocker  encryption  on  drive  C. 

manage-bde  -pause  C: 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  resume 
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Resumes  BitLocker  encryption  or  decryption  after  it  has  been  paused.  For  examples  of  how  this  command  can  be 

used,  see  Examples. 

Syntax 

manage-bde  -resume  [<Drive>]  [-computername  <Name>] 

[{-?|/?}]  [{-help | -h}] 

Parameters 

PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -resume  command  to  resume  BitLocker  encryption  on  drive  C. 

manage-bde  -resume  C: 

Additional  references 


•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  lock 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Locks  a  BitLocker-protected  drive  to  prevent  access  to  it  unless  the  unlock  key  is  provided.  For  examples  of  how 
this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -lock  [<Drive>]  [-computername  <Name>]  [{-? |/?}]  [ { - help | - h} ] 

Parameters 


PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -lock  command  to  lock  data  drive  D. 
manage-bde  -lock  D: 

Additional  references 


•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  unlock 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Unlocks  a  BitLocker-protected  drive  by  using  a  recovery  password  or  a  recovery  key.  For  examples  of  how  this 
command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -unlock  {-necovenypasswond  <Password> | -recoverykey  <PathToExternalKeyFile>}  <Drive>  [-certificate  {- 
cf  PathToCertificateFile  |  -ct  CertificateThumbprint}  {-pin}]  [-password]  [-computername  <Name>]  [{-?|/?}]  [{- 
help | -h}] 


Parameters 


PARAMETER 

VALUE 

DESCRIPTION 

-  recovery  password 

Specifies  that  a  recovery  password  will 

be  used  to  unlock  the 

drive.Abbreviation:  -rp 

<  Password  > 

Represents  the  recovery  password  that 
can  be  used  to  unlock  the  drive. 

-recoverykey 

Specifies  that  an  external  recovery  key 
file  will  be  used  to  unlock  the  drive. 

Abbreviation:  -rk 

<  PathToExternalKeyFile> 

Represents  the  external  recovery  key  file 
that  can  be  used  to  unlock  the  drive. 

<Drive> 

Represents  a  drive  letter  followed  by  a 
colon. 

-certificate 

The  local  user  certificate  for  a  BitLocker 

certificate  to  unclock  the  volume  is 

located  in  the  locat  user  certificate 

store.  Abbreviation:  -cert 

<-cf  PathToCertificateFile> 

Path  to  the  cerficate  file 

<-ct  CertificateThumbprint> 

Certificate  thumbprint  which  may 
optionally  include  the  PIN  (-pin). 

-password 

Presents  a  prompt  for  the  password  to 
unlock  the  volume.  Abbreviation:  -pw 

-computername 

Specifies  that  Manage-bde.exe  will  be 
used  to  modify  BitLocker  protection  on 
a  different  computer.  Abbreviation:  -cn 

PARAMETER 


VALUE 


DESCRIPTION 


<  Name>  Represents  the  name  of  the  computer 

on  which  to  modify  BitLocker 
protection.  Accepted  values  include  the 
computer's  NetBIOS  name  and  the 
computer's  IP  address. 


-?  or  /? 


Displays  brief  Help  at  the  command 
prompt. 


-help  or  -h 


Displays  complete  Help  at  the 
command  prompt. 


Examples 

The  following  example  illustrates  using  the  -unlock  command  to  unlock  drive  E  with  a  recovery  key  file  that  has 
been  saved  to  a  backup  folder  on  another  drive. 

manage-bde  -unlock  E:  -recoverykey  "F:\Backupkeys\recoverykey.bek" 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  autounlock 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Manages  the  automatic  unlocking  of  BitLocker-protected  data  drives.  For  examples  of  how  this  command  can  be 
used,  see  Examples. 

Syntax 


manage-bde  -autounlock  [{-enable! -disable| 

-clearallkeys}]  <Drive>  [-computername  <Name>]  [{-?|/?}]  [{-help|-h}] 

Parameters 


PARAMETER 

DESCRIPTION 

-enable 

Enables  automatic  unlocking  for  a  data  drive. 

-disable 

Disables  automatic  unlocking  for  a  data  drive. 

-clearallkeys 

Removes  all  stored  external  keys  on  the  operating  system 
drive. 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -autounlock  command  to  enable  automatic  unlocking  of  data  drive  E 
manage-bde  -autounlock  -enable  E: 

Additional  references 


•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  protectors 

1 0/1 7/2017  •  6  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Manages  the  protection  methods  used  for  the  BitLocker  encryption  key.  For  examples  of  how  this  command  can  be 
used,  see  Examples. 

Syntax 

manage-bde  -protectors  [{-get | -add | -delete | -disable | -enable | -adbackup}]  <Drive>  [-computername  <Name>]  [{-? 
|/?}]  [{-help | -h}] 


Parameters 

PARAMETER 


DESCRIPTION 


-get 

Displays  all  the  key  protection  methods  enabled  on  the  drive 
and  provides  their  type  and  identifier  (ID). 

-add 

adds  key  protection  methods  as  specified  by  using  additional 

add  parameters. 

-delete 

deletes  key  protection  methods  used  by  BitLocker.  All  key 
protectors  will  be  removed  from  a  drive  unless  the  optional  - 
delete  parameters  are  used  to  specify  which  protectors  to 
delete.  When  the  last  protector  on  a  drive  is  deleted,  BitLocker 
protection  of  the  drive  is  disabled  to  ensure  that  access  to 
data  is  not  lost  inadvertently. 

-disable 

Disables  protection,  which  will  allow  anyone  to  access 
encrypted  data  by  making  the  encryption  key  available 
unsecured  on  drive.  No  key  protectors  are  removed. 

Protection  will  be  resumed  the  next  time  Windows  is  booted 
unless  the  optional  -disable  parameters  are  used  to  specify  the 
reboot  count. 

-enable 

Enables  protection  by  removing  the  unsecured  encryption  key 
from  the  drive.  All  configured  key  protectors  on  the  drive  will 
be  enforced. 

-adbackup 

Backs  up  all  recovery  information  for  the  drive  specified  to 
active  directory  Domain  Services  (AD  DS).  To  back  up  only  a 
single  recovery  key  to  AD  DS,  append  the  -id  parameter  and 
specify  the  ID  of  a  specific  recovery  key  to  back  up. 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  manage-bde.exe  will  be  used  to  modify  BitLocker 
protection  on  a  different  computer.  You  can  also  use  -cn  as  an 
abbreviated  version  of  this  command. 

PARAMETER 


DESCRIPTION 


Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  help  at  the  command  prompt. 

add  syntax  and  parameters 

manage-bde  protectors  add  [<Drive>]  [-forceupgrade]  [-recoverypassword  <l\lumericalPassword>]  [ -recoverykey 
<pathToExternalKeydirectory>] 

[-startupkey  <pathToExternalKeydirectory>]  [-certificate  {-cf  <pathToCertificateFile> | -ct 
<CertificateThumbprint>}]  [-tpm]  [-tpmandpin] 

[-tpmandstartupkey  <pathToExternalKeydirectory>]  [ -tpmandpinandstartupkey  <pathToExternalKeydirectory>]  [- 
password] [ -adaccountorgroup  <securityidentifier>  [ -computername  <Name>] 


[{-?  1/?}]  [{-help | -h}] 

PARAMETER 

DESCRIPTION 

Represents  a  drive  letter  followed  by  a  colon. 

-  recoverypassword 

adds  a  numerical  password  protector.  You  can  also  use  -rp  as 
an  abbreviated  version  of  this  command. 

Represents  the  recovery  password. 

-recoverykey 

adds  an  external  key  protector  for  recovery.  You  can  also  use  - 
rk  as  an  abbreviated  version  of  this  command. 

Represents  the  directory  path  to  the  recovery  key. 

-startupkey 

adds  an  external  key  protector  for  startup.  You  can  also  use  - 
sk  as  an  abbreviated  version  of  this  command. 

Represents  the  directory  path  to  the  startup  key. 

-certificate 

adds  a  public  key  protector  for  a  data  drive.  You  can  also  use  - 
cert  as  an  abbreviated  version  of  this  command. 

-cf 

Specifies  that  a  certificate  file  will  be  used  to  provide  the  public 
key  certificate. 

Represents  the  directory  path  to  the  certificate  file. 

-ct 

Specifies  that  a  certificate  thumbprint  will  be  used  to  identify 
the  public  key  certificate 

Specifies  the  value  of  the  thumbprint  property  of  the 
certificate  you  want  to  use.  For  example,  a  certificate 
thumbprint  value  of  "a9  09  50  2d  d8  2a  e4  14  33  e6  f8  38  86 
bO  Od  42  77  a3  2a  7b"  should  be  specified  as 
na909502dd82ae41433e6f83886b00d4277a32a7b." 

PARAMETER 


DESCRIPTION 


-tpmandpin 

adds  a  Trusted  Platform  Module  (TPM)  and  personal 
identification  number  (PIN)  protector  for  the  operating  system 
drive.  You  can  also  use  -tp  as  an  abbreviated  version  of  this 
command. 

-tpmandstartupkey 

adds  a  TPM  and  startup  key  protector  for  the  operating 
system  drive.  You  can  also  use  -tsk  as  an  abbreviated  version 
of  this  command. 

-tpmandpinandstartupkey 

adds  a  TPM,  PIN,  and  startup  key  protector  for  the  operating 
system  drive.  You  can  also  use  -tpsk  as  an  abbreviated  version 
of  this  command. 

-password 

adds  a  password  key  protector  for  the  data  drive.  You  can  also 
use  -pw  as  an  abbreviated  version  of  this  command. 

-adaccountorgroup 

adds  a  security  identifier(SID)- based  identity  protector  for  the 
volume.  You  can  also  use  -sid  as  an  abbreviated  version  of  this 
command.  IMPORTANT:  By  default,  you  cannot  add  an 
ADAccountOrGroup  protector  remotely  using  either  WMI  or 
manage-bde.  if  your  deployment  requires  the  ability  to  add 
this  protector  remotely  you  must  enable  constrained 
delegation. 

-computername 

Specifies  that  manage-bde  is  being  used  to  modify  BitLocker 
protection  on  a  different  computer.  You  can  also  use  -cn  as  an 
abbreviated  version  of  this  command. 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-delete  syntax  and  parameters 

manage-bde  protectors  delete  <Drive>  [-type 

{recovery password | externalkey | certificate |t pm | tpmandstartupkey | tpmandpin | tpmandpinandstartupkey | Password | Identi 

ty>] 

[-id  <KeyProtectorID>]  [-computername  <Name>]  [{-? |/?}]  [ { - help | - h} ] 

PARAMETER 

DESCRIPTION 

Represents  a  drive  letter  followed  by  a  colon. 

-type 

Identifies  the  key  protector  to  delete.  You  can  also  use  -t  as  an 
abbreviated  version  of  this  command. 

recoverypassword 

Specifies  that  any  recovery  password  key  protectors  should  be 
deleted. 

externalkey 

Specifies  that  any  external  key  protectors  associated  with  the 
drive  should  be  deleted. 

certificate 

Specifies  that  any  certificate  key  protectors  associated  with  the 
drive  should  be  deleted. 

PARAMETER 


DESCRIPTION 


tpm 

Specifies  that  any  TPM-only  key  protectors  associated  with  the 
drive  should  be  deleted. 

tpmandstartupkey 

Specifies  that  any  TPM  and  startup  key  based  key  protectors 
associated  with  the  drive  should  be  deleted. 

tpmandpin 

Specifies  that  any  TPM  and  PIN  based  key  protectors 
associated  with  the  drive  should  be  deleted. 

tpmandpinandstartupkey 

Specifies  that  any  TPM,  PIN,  and  startup  key  based  key 
protectors  associated  with  the  drive  should  be  deleted. 

password 

Specifies  that  any  password  key  protectors  associated  with  the 
drive  should  be  deleted. 

identity 

Specifies  that  any  identity  key  protectors  associated  with  the 
drive  should  be  deleted. 

-id 

Identifies  the  key  protector  to  delete  by  using  the  key 
identifier.  This  parameter  is  an  alternative  option  to  the  -type 
parameter. 

Identifies  an  individual  key  protector  on  the  drive  to  delete. 

Key  protector  IDs  can  be  displayed  by  using  the  manage-bde 
-protectors  -get  command. 

-computername 

Specifies  that  manage-bde.exe  will  be  used  to  modify  BitLocker 
protection  on  a  different  computer.  You  can  also  use  -cn  as  an 
abbreviated  version  of  this  command. 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?or  n 

Displays  brief  help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  help  at  the  command  prompt. 

-disable  syntax  and  parameters 

manage-bde  protectors  disable  <Drive>  | 
help | -h}] 

^ -RebootCount  cinteger  0  -  15 > ]  [-computername  <Name>]  [{-?|/?}]  [{- 

PARAMETER 

DESCRIPTION 

Represents  a  drive  letter  followed  by  a  colon. 

PARAMETER 


DESCRIPTION 


RebootCount 

Specifies  that  protection  of  the  operating  system  volume  has 
been  suspended  and  will  resume  after  Windows  has  been 
restarted  the  number  of  times  specified  in  the  RebootCount 
parameter.  Specify  0  to  suspend  protection  indefinitely.  If  this 
parameter  is  not  specified  BitLocker  protection  will 
automatically  resume  when  Windows  is  restarted.  You  can  also 
use  -rc  as  an  abbreviated  version  of  this  command. 

-computername 

Specifies  that  manage-bde.exe  will  be  used  to  modify  BitLocker 
protection  on  a  different  computer.  You  can  also  use  -cn  as  an 
abbreviated  version  of  this  command. 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -protectors  command  to  add  a  certificate  key  protector  identified  by  a 
certificate  file  to  drive  E. 

manage-bde  protectors  add  E:  -certificate  cf  "c:\File  Folder\Filename.cer" 

The  following  example  illustrates  using  the  -protectors  command  to  add  an  adaccountorgroup  key  protector 
identified  by  domain  and  user  name  to  drive  E. 

manage-bde  protectors  add  E:  -sid  DOMAIN\user 

The  following  example  illustrates  using  the  **  protectors**  command  to  disable  protection  until  the  computer  has 
rebooted  3  times. 

manage-bde  protectors  disable  C:  -rc  3 

The  following  example  illustrates  using  the  -protectors  command  to  delete  all  TPM  and  startup  key  based  key 
protectors  on  drive  C. 

manage-bde  protectors  delete  C:  -type  tpmandstartupkey 

The  following  example  illustrates  using  the  -protectors  command  to  back  up  all  recovery  information  for  drive  C 
to  AD  DS. 

manage-bde  protectors  adbackup  C: 


additional  references 


Command-Line  Syntax  Key 
manage-bde 


manage-bde:  tpm 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


IMPORTANT 

This  command  is  not  supported  for  use  on  computers  running  Windows  8,  Windows  Server  2012  or  later  operating  systems. 

For  those  computers,  you  can  use  the  TPM  Management  cmdlets  for  Windows  PowerShell.  if  you  are  using  this  command  on 
computer  running  Windows  7  or  Windows  Server  2008,  you  can  still  configure  the  computer's  Trusted  Platform  Module 
(TPM)  using  this  command.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -tpm  [-turnon]  [ -takeownership 

<OwnerPassword>]  [-computername  <Name>]  [{-?  |/?}]  [ { - help | - h } ] 

Parameters 

PARAMETER 

DESCRIPTION 

-turnon 

Enables  and  activates  the  TPM,  allowing  the  TPM  owner 
password  to  be  set.  You  can  also  use  -t  as  an  abbreviated 
version  of  this  command. 

-takeownership 

Takes  ownership  of  the  TPM  by  setting  an  owner  password.  You 
can  also  use  -o  as  an  abbreviated  version  of  this  command. 

Represents  the  owner  password  that  you  specify  for  the  TPM. 

-computername 

Specifies  that  manage-bde.exe  will  be  used  to  modify  BitLocker 
protection  on  a  different  computer.  You  can  also  use  -cn  as  an 
abbreviated  version  of  this  command. 

Represents  the  name  of  the  computer  on  which  to  modify 

BitLocker  protection.  Accepted  values  include  the  computer's 

NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -tpm  command  to  turn  on  the  TPM. 

manage-bde  tpm  -turnon 

The  following  example  illustrates  using  the  **  tpm**  command  to  take  ownership  of  the  TPM  and  set  the  owner  password  to 

0wnerP@ss. 

manage-bde  tpm  takeownership  0wnerP@ss 

additional  references 

•  Command- Line  Syntax  Key 

•  manage-bde 

manage-bde:  setidentifier 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  drive  identifier  field  on  the  drive  to  the  value  specified  in  the  Provide  the  unique  identifiers  for  your 
organization  Group  Policy  setting.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 


manage-bde  -setidentifier  <Drive>  | 

Acomputername  <Name>]  [{-?|/?}]  [ { - help | - h } ] 

Parameters 


PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -setidentifier  command  to  set  BitLocker  drive  identifier  field  for  C 
manage-bde  -setidentifier  C: 

Additional  references 


•  Command-Line  Syntax  Key 

•  Manage-bde 

•  Using  Data  Recovery  Agents  with  BitLocker 


manage-bde:  forcerecovery 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Forces  a  BitLocker-protected  drive  into  recovery  mode  on  restart.  This  command  deletes  all  Trusted  Platform 
Module  (TPM)-related  key  protectors  from  the  drive.  When  the  computer  restarts,  only  a  recovery  password  or 
recovery  key  can  be  used  to  unlock  the  drive.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 


manage-bde  -forcerecovery  <Drive>  | 

'-computername  <Name>]  [{- ? | / ?}]  [ { - help | - h } ] 

Parameters 


PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  P. 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -forcerecovery  command  to  cause  BitLocker  to  start  in  recovery  mode 
on  drive  C. 

manage-bde  -forcerecovery  C: 

Additional  references 


•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  changepassword 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Modifies  the  password  for  a  data  drive.  The  user  is  prompted  for  a  new  password.  For  examples  of  how  this 
command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -changepassword  [<Drive>]  [ -computername  <Name>]  [{-? |/?}]  [ { - help | - h} ] 

Parameters 


PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -changepassword  command  to  change  the  password  used  to  unlock 
BitLocker  on  data  drive  D. 

manage-bde  -changepassword  D: 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  changepin 

4/13/2018  •  1  min  to  read  •  EditOnline 

Modifies  the  PIN  for  an  operating  system  drive.  The  user  is  prompted  to  enter  a  new  PIN.  For  examples  of  how 

this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -changepin  [<Drive>]  [-computenname  <Name>]  [{-?|/?}]  [{-help|-h}] 

Parameters 

PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -changepin 

C. 

command  to  change  the  PIN  used  with  BitLocker  on  drive 

manage-bde  -changepin  C: 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  changekey 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Modifies  the  startup  key  for  an  operating  system  drive.  For  examples  of  how  this  command  can  be  used,  see 

Examples. 

Syntax 

manage-bde  -changekey  [<Drive>]  [<PathToExternalKeyDirectory>]  [ -computenname  <Name>]  [{- ? | / ?}]  [ { - help | - h} ] 


Parameters 

PARAMETER 


DESCRIPTION 


<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

<  PathToExternalKeyDirectory> 

Represents  the  directory  location  to  save  the  external  startup 
key  file  that  can  be  used  to  unlock  the  drive. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -changekey  command  to  create  a  new  startup  key  on  drive  E  to  use 
with  BitLocker  encryption  on  drive  C. 

manage-bde  -changekey  C:  E:\ 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


manage-bde:  KeyPackage 

4/13/2018  •  1  min  to  read  •  EditOnline 

Generates  a  key  package  for  a  drive.  The  key  package  can  be  used  in  conjunction  with  the  repair  tool  to  repair 
corrupted  drives.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

manage-bde  -KeyPackage  [<Drive>]  [-ID  <KeyProtectoryID>] 
<Name>]  [{- ? | /?}]  [{-help | -h}] 

[-path  <PathToExternalKeyDirectory>]  [-computername 

Parameters 

PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-ID 

Create  a  key  package  using  the  key  protector  with  the 
identifier  specified  by  this  ID  value. 

-path 

Location  in  which  to  save  the  key  package  created. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -KeyPackage  command  to  create  a  key  package  for  drive  C  based  off 
the  key  protector  identified  by  the  GUID  and  to  save  the  key  package  to  F:\Folder. 

manage-bde  -KeyPackage  C:  -id  {84E151C1. .  .7A62067A512}  -path  "f:\Folder" 


TIP 

Use  manage-bde  -protectors  -get  along  with  the  drive  letter  that  you  want  to  create  a  key  package  for  to  get  a  list  of 
available  GUIDs  to  use  as  the  ID  value. 


Additional  references 

•  Command-Line  Syntax  Key 


Manage-bde 


manage-bde:  upgrade 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Upgrades  the  BitLocker  version.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 


manage-bde  -upgrade  [<Drive>] 

[ -computername  <Name>]  [{-?|/?}]  [ { - help | - h } ] 

Parameters 


PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -upgrade  command  to  upgrade  BitLocker  encryption  on  drive  C 
manage-bde  -upgrade  C: 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 

•  Upgrading  a  BitLocker-Protected  Computer  from  Windows  Vista  to  Windows  7 


manage-bde:  WipeFreeSpace 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Wipes  the  free  space  on  the  volume  removing  any  data  fragments  that  may  have  existed  in  the  space.  Running  this 
command  on  a  volume  that  was  encrypted  using  the  "Used  Space  Only^?  encryption  method  provides  the  same 
level  of  protection  as  the  "Full  Volume  Encryption^?  encryption  method.  For  examples  of  how  this  command  can 
be  used,  see  Examples. 


Syntax 


manage-bde  -WipeFreeSpace | 

-w  [<Drive>]  [-Cancel]  [-computername  <Name>]  [{-?|/?}]  [{-help]-h}] 

Parameters 

PARAMETER 

DESCRIPTION 

<Drive> 

Represents  a  drive  letter  followed  by  a  colon,  a  volume  GUID 
path,  or  a  mounted  volume. 

-Cancel 

Cancels  a  wipe  of  free  space  that  is  in  process. 

-computername 

Specifies  that  Manage-bde.exe  will  be  used  to  modify 

BitLocker  protection  on  a  different  computer.  You  can  also  use 
-cn  as  an  abbreviated  version  of  this  command. 

<Name> 

Represents  the  name  of  the  computer  on  which  to  modify 
BitLocker  protection.  Accepted  values  include  the  computer's 
NetBIOS  name  and  the  computer's  IP  address. 

-?  or  /? 

Displays  brief  Help  at  the  command  prompt. 

-help  or  -h 

Displays  complete  Help  at  the  command  prompt. 

Examples 

The  following  example  illustrates  using  the  -w  command  to  create  wipe  the  free  space  on  drive  C. 
manage-bde  -w  C: 

The  following  example  illustrates  using  the  -w  command  with  the  -cancel  parameter  to  cancel  the  wipe  the  free 
space  on  drive  C. 

manage-bde  -w  -Cancel  C: 

Additional  references 

•  Command-Line  Syntax  Key 

•  Manage-bde 


mapadmin 
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You  can  use  Mapadmin  to  manage  User  Name  Mapping  for  Microsoft  Services  for  Network  File  System. 


Syntax 


mapadmin 

[<computer>] 

[-u 

<user> 

t-p 

<password>] ] 

mapadmin 

[<computer>] 

[-u 

<user> 

t-p 

<password>] ] 

{start  |  stop} 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

config  <option[ . . . ] > 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

add  -wu  <Windowsllser>  -uu  <UNIXUser>  [-setprimary] 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

add  -wg  <WindowsGroup>  -ug  <UNIXGroup>  [-setprimary] 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

setprimary  -wu  <WindowsUser>  [-uu  <UNIXUser>] 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

setprimary  -wg  <WindowsGroup>  [-ug  <UNIXGroup>] 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

delete  <option[ . . . ] > 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

list  <option[ . . . ] > 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

backup  <filename> 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

restore  <filename> 

mapadmin 

<path>} 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

adddomainmap  -d  <WindowsDomain>  {-y  <<NISdomain>>  |  -f 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

removedomainmap  -d  <WindowsDomain>  -y  <<NISdomain>> 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

removedomainmap  -all 

mapadmin 

[<computer>] 

[-U 

<user> 

t-p 

<password>] ] 

listdomainmaps 

Description 

The  mapadmin  command-line  utility  administers  User  Name  Mapping  on  the  local  or  remote  computer  running 
Microsoft  Services  for  Network  File  System.  If  you  are  logged  on  with  an  account  that  does  not  have 
administrative  credentials,  you  can  specify  a  user  name  and  password  of  an  account  that  does. 

In  addition  to  specific  command  arguments,  mapadmin  accepts  the  following  arguments  and  options: 

<computer>  Specifies  the  remote  computer  running  the  User  Name  Mapping  service  that  you  want  to  administer. 
You  can  specify  the  computer  using  a  Windows  Internet  Name  Service  (WINS)  name  or  a  Domain  Name  System 
(DNS)  name,  or  by  Internet  Protocol  (IP)  address. 

-u  <user>  Specifies  the  user  name  of  the  user  whose  credentials  are  to  be  used.  It  might  be  necessary  to  add  the 
domain  name  to  the  user  name  in  the  form  domain\user  name. 

-p  <password>  Specifies  the  password  of  the  user.  If  you  specify  the  -u  option  but  omit  the  -p  option,  you  are 
prompted  for  the  user's  password.  The  specific  action  that  mapadmin  performs  depends  on  the  command 
argument  you  specify: 


Parameters 

start 

starts  the  User  Name  Mapping  service. 

stop 

Stops  the  User  Name  Mapping  service. 


config 

Specifies  general  settings  for  User  Name  Mapping.  The  following  options  are  available  with  this  command 


argument:  -r  <dddd>:<hh>:<mm>  -  Specifies  the  refresh  interval  for  updating  from  the  Windows  and  NIS 
databases  in  days,  hours,  and  minutes.  The  minimum  interval  is  5  minutes,  -i  {yes  |  no}  -  Turns  simple  mapping  on 
(yes)  or  off  (no).  By  default,  simple  mapping  is  on.  add  -  creates  a  new  mapping  for  a  user  or  group.  The  following 
options  are  available  with  this  command  argument: 


OPTION 

DEFINITION 

-wu  <name> 

Specifies  the  name  of  the  Windows  user  for  which  a  new 
mapping  is  being  created. 

-uu  <name> 

Specifies  the  name  of  the  UNIX  user  for  which  a  new  mapping 
is  being  created. 

-wg  <group> 

Specifies  the  name  of  the  Windows  group  for  which  a  new 
mapping  is  being  created. 

-ug  <group> 

Specifies  the  name  of  the  UNIX  group  for  which  a  new 
mapping  is  being  created. 

-setprimary 

Specifies  that  the  new  mapping  is  the  primary  mapping. 

setprimary  -  Specifies  which  mapping  is  the  primary  mapping  for  a  UNIX  user  or  group  with  multiple  mappings. 

The  following  options  are  available  with  this  command  argument: 

OPTION 

DEFINITION 

-wu  <name> 

Specifies  the  Windows  user  of  the  primary  mapping.  If  more 
than  one  mapping  for  the  user  exists,  use  the  -uu  option  to 
specify  the  primary  mapping. 

-uu  <name> 

Specifies  the  UNIX  user  of  the  primary  mapping. 

-wg  <group> 

Specifies  the  Windows  group  of  the  primary  mapping.  If  more 
than  one  mapping  for  the  group  exists,  use  the  -ug  option  to 
specify  the  primary  mapping. 

-ug  <group> 

Specifies  the  UNIX  group  of  the  primary  mapping. 

delete  -  removes  the  mapping  for  a 
argument: 

user  or  group.  The  following  options  are  available  for  this  command 

OPTION 

DEFINITION 

-wu  <user> 

The  Windows  user  for  which  the  mapping  will  be  deleted, 
specified  as  <WindowsDomain>\<User  Name>.  You  must 
specify  either  the  -wu  or  the  -uu  option,  or  both.  If  you 
specify  both  options,  the  particular  mapping  identified  by  the 
two  options  will  be  deleted.  If  you  specify  only  the  -wu  option, 
all  mappings  for  the  specified  user  will  be  deleted. 

-wg  <group> 

The  Windows  group  for  which  the  mapping  will  be  deleted, 
specified  as  <WindowsDomain>\<groupname>.  You  must 
specify  either  the  -wg  or  the  -ug  option,  or  both.  If  you 
specify  both  options,  the  particular  mapping  identified  by  the 
two  options  will  be  deleted.  If  you  specify  only  the  -wg  option, 
all  mappings  for  the  specified  group  will  be  deleted. 

OPTION 


DEFINITION 


-uu  <user> 

The  UNIX  user  for  whom  the  mapping  will  be  deleted, 
specified  as  <User  Name>.  You  must  specify  either  the  -wu  or 
the  -uu  option,  or  both.  If  you  specify  both  options,  the 
particular  mapping  identified  by  the  two  options  will  be 
deleted.  If  you  specify  only  the  -uu  option,  all  mappings  for 
the  specified  user  will  be  deleted. 

-ug  <group> 

The  UNIX  group  for  which  the  mapping  will  be  deleted, 
specified  as  <groupname>.  You  must  specify  either  the  -wg 
or  the  -ug  option,  or  both.  If  you  specify  both  options,  the 
particular  mapping  identified  by  the  two  options  will  be 
deleted.  If  you  specify  only  the  -ug  option,  all  mappings  for 
the  specified  group  will  be  deleted. 

list  -  Displays  information  about  user  and  group  mappings.  The  following  options  are  available  with  this  command 
argument: 

OPTION 

DEFINITION 

-all 

lists  both  simple  and  advanced  mappings  for  users  and 
groups. 

-simple 

lists  all  simple  mapped  users  and  groups. 

-advanced 

lists  all  advanced  mapped  users  and  groups.  Maps  are  listed  in 
the  order  in  which  they  are  evaluated.  Primary  maps,  marked 
with  an  asterisk  (*),  are  listed  first,  followed  by  secondary 
maps,  which  are  marked  with  a  carat  (A). 

-wu  <name> 

lists  the  mapping  for  a  specified  Windows  user. 

-wg  <group> 

lists  the  mapping  for  a  Windows  group. 

-uu  <name> 

lists  the  mapping  for  a  UNIX  user. 

-ug  <group> 

lists  the  mapping  for  a  UNIX  group. 

backup  -  Saves  User  Name  Mapping  configuration  and  mapping  data  to  the  file  specified  by  <filename>.  restore 
-  replaces  configuration  and  mapping  data  with  data  from  the  file  (specified  by  <filename>)  that  was  created  using 
the  backup  command  argument,  adddomainmap  -  adds  a  simple  map  between  a  Windows  domain  and  an  N  IS 
domain  or  password  and  group  files.  The  following  options  are  available  for  this  command  argument: 

OPTION 

DEFINITION 

-d  <WindowsDomain> 

Specifies  the  Windows  domain  to  be  mapped. 

-y  <NlSdomain> 

Specifies  the  NIS  domain  to  be  mapped. <br  />  <br  />-n 
<nisServer>  Specifies  the  NIS  server  for  the  NIS  domain 
specified  with  the  -y  option. 

OPTION 


DEFINITION 


-f  <path> 

Specifies  the  fully  qualified  path  of  directory  containing  the 
password  and  group  files  to  be  mapped.  The  files  must  be 
located  on  the  computer  being  managed,  and  you  cannot  use 
mapadmin  to  manage  a  remote  computer  to  set  up  maps 
based  on  password  and  group  files. 

removedomainmap  -  removes  a  simple  map  between  a  Windows  domain  and  an  NIS  domain.  The  following 
options  and  argument  are  available  for  this  command  argument: 

OPTION 

DEFINITION 

-d  <WindowsDomain> 

Specifies  the  Windows  domain  of  the  map  to  be  removed. 

-y  <NISdomain> 

Specifies  the  NIS  domain  of  the  map  to  be  removed. 

-all  Specifies  that  all  simple  maps  between  Windows  and  NIS 

domains  are  to  be  removed.  This  will  also  remove  any  simple 
map  between  a  Windows  domain  and  password  and  group 
files. 


listdomainmaps  -  lists  the  Windows  domains  that  are  mapped  to  NIS  domains  or  password  and  group  files. 

Notes 

•  if  you  do  not  specify  a  command  argument,  mapadmin  displays  the  current  settings  for  User  Name  Mapping. 

•  for  all  options  that  specify  a  user  or  group  name,  the  following  formats  can  be  used: 

•  for  Windows  users,  use  the  form  <domain>\<user  name>,  \\<computer>\<user  name>,  \<computer>\<user 
name>,  or  <computer>\<user  name> 

•  for  Windows  groups,  use  the  form  <domain>\<  <groupname>  >,  \\<computer>\<  <groupname>  >,  \ 
<computer>\<  <groupname>  >,  or  <computer>\<  <groupname>  > 

•  for  UNIX  users,  use  the  form  <NISdomain>\<user  name>,  <user  name&gt;@<NISdomain>,  user 
&lt;name&gt;@PCNFS,  or  PCNFS\<user  name> 

•  for  UNIX  groups,  use  the  form  <NISdomain>\<groupname>,  &lt;groupname&gt;@<NISdomain>, 
&lt;groupname&gt;@PCNFS,  or  PCN FS\<groupname> 

additional  references 


Command-Line  Syntax  Key 


Md 
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Creates  a  directory  or  subdirectory. 


NOTE 

This  command  is  the  same  as  the  mkdir  command. 


For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

md  [<Drive>: ]<Path> 
mkdir  [<Drive> : ]<Path> 


Parameters 

PARAMETER  DESCRIPTION 


<Drive>: 


Specifies  the  drive  on  which  you  want  to  create  the  new 
directory. 


<Path>  Required.  Specifies  the  name  and  location  of  the  new  directory. 

The  maximum  length  of  any  single  path  is  determined  by  the 
file  system. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

Command  extensions,  which  are  enabled  by  default,  allow  you  to  use  a  single  md  command  to  create  intermediate 
directories  in  a  specified  path. 

Examples 

To  create  a  directory  named  Directoryl  within  the  current  directory,  type: 

md  Directoryl 


To  create  the  directory  tree  Taxes\Property\Current  within  the  root  directory,  with  command  extensions  enabled, 
type: 

md  \Taxes\Property\Current 


To  create  the  directory  tree  Taxes\Property\Current  within  the  root  directory  as  in  the  previous  example,  but  with 
command  extensions  disabled,  type  the  following  sequence  of  commands: 


md  \Taxes 
cd  XTaxes 
md  Property 
cd  Property 
md  Current 


Additional  references 

Command-Line  Syntax  Key 

Cmd 


mkdir 
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This  command  is  the  same  as  the  md  command.  See  Md  for  syntax  and  parameters. 


mklink 
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Creates  a  symbolic  link. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

mklink  [  [ /d ]  |  [/h]  |  [/j]]  <Link>  <Target> 

Parameters 

PARAMETER 

DESCRIPTION 

/d 

Creates  a  directory  symbolic  link.  By  default,  mklink  creates  a 
file  symbolic  link. 

/h 

Creates  a  hard  link  instead  of  a  symbolic  link. 

/j 

Creates  a  Directory  Junction. 

<Link> 

Specifies  the  name  of  the  symbolic  link  that  is  being  created. 

<Target> 

Specifies  the  path  (relative  or  absolute)  that  the  new  symbolic 
link  refers  to. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  create  a  symbolic  link  named  MyDocs  from  the  root  directory  to  the  \Users\User1\Documents  directory,  type: 

mklink  /d  \MyDocs  \Users\Userl\Documents 

mmc 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Using  mmc  command-line  options,  you  can  open  a  s 
that  the  32-bit  or  64-bit  version  of  mmc  is  opened. 

pecific  mmc  console,  open  mmc  in  author  mode,  or  specify 

Syntax 

mmc  <path>\<filename>.msc  [/a]  [/64]  [/32] 

Parameters 

PARAMETER 

DESCRIPTION 

Yrnsc 

starts  mmc  and  opens  a  saved  console.  You  need  to  specify 
the  complete  path  and  file  name  for  the  saved  console  file.  If 
you  do  not  specify  a  console  file,  mmc  opens  a  new  console. 

/a 

Opens  a  saved  console  in  author  mode.  Used  to  make 
changes  to  saved  consoles. 

/64 

Opens  the  64-bit  version  of  mmc  (mmc64).  Use  this  option 
only  if  you  are  running  a  Microsoft  64-bit  operating  system 
and  want  to  use  a  64-bit  snap-in. 

/32 

Opens  the  32-bit  version  of  mmc  (mmc32).  When  running  a 
Microsoft  64-bit  operating  system,  you  can  run  32-bit  snap- 
ins  by  opening  mmc  with  this  command-line  option  when  you 
have  32-bit  only  snap-ins. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  Using  the  \.msc  command-line  option  You  can  use  environment  variables  to  create  command  lines  or  shortcuts 
that  do  not  depend  on  the  explicit  location  of  console  files.  For  instance,  if  the  path  to  a  console  file  is  in  the 
system  folder  (for  example,  mmc  c:\winnt\system32\console_name.msc),  you  can  use  the  expandable  data 
string  %systemroot%  to  specify  the  location  (mmc%systemroot%\system32\console_name.msc).  This  may 
be  useful  if  you  are  delegating  tasks  to  people  in  your  organization  who  are  working  on  different  computers. 

•  Using  the  /a  command-line  option  When  consoles  are  opened  with  this  option,  they  are  opened  in  author 
mode,  regardless  of  their  default  mode.  This  does  not  permanently  change  the  default  mode  setting  for  files; 
when  you  omit  this  option,  mmc  opens  console  files  according  to  their  default  mode  settings. 

•  After  you  open  mmc  or  a  console  file  in  author  mode,  you  can  open  any  existing  console  by  clicking  Open  on 
the  Console  menu. 

•  You  can  use  the  command  line  to  create  shortcuts  for  opening  mmc  and  saved  consoles.  A  command-line 
command  works  with  the  Run  command  on  the  start  menu,  in  any  command-prompt  window,  in  shortcuts,  or 


in  any  batch  file  or  program  that  calls  the  command.  ##  additional  references 
Command-Line  Syntax  Key 


mode 
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Displays  system  status,  changes  system  settings,  or  reconfigures  ports  or  devices.  If  used  without  parameters, 
mode  displays  all  the  controllable  attributes  of  the  console  and  the  available  COM  devices. 

You  can  use  mode  to  perform  the  following  tasks — each  task  uses  a  different  syntax: 

•  To  configure  a  serial  communications  port 

•  To  display  the  status  of  all  devices  or  of  a  single  device 

•  To  redirect  output  from  a  parallel  port  to  a  serial  communications  port 

•  To  select,  refresh,  or  display  the  numbers  of  the  code  pages  for  the  console 

•  To  change  the  size  of  the  command  prompt  screen  buffer 

•  To  set  the  keyboard  typematic  rate 

To  configure  a  serial  communications  port 

Syntax 

mode  com<M>[:]  [baud=<B>]  [parity=<P>]  [data=<D>]  [stop=<S>]  [to={on | off}]  [xon={on | off }]  [odsr={on | off }] 
[octs={on | off}]  [dtr={on | off | hs}]  [rts={on | off | hs | tg}]  [idsr={on | off}] 


Parameters 

PARAMETER  DESCRIPTION 

Com<M>[:]  Specifies  the  number  of  the  async  Prncnfg.vbshronous 

communications  port. 


baud=<B>  Specifies  the  transmission  rate  in  bits  per  second.  The 

following  table  lists  valid  abbreviations  for  B  and  their  related 
rates. 

-11  =  110  baud 

-  15  =  150  baud 

-  30  =  300  baud 

-  60  =  600  baud 

-  12  =  1200  baud 

-  24  =  2400  baud 

-  48  =  4800  baud 

-  96  =  9600  baud 

-  19  =  19,200  baud 


parity=<P>  Specifies  how  the  system  uses  the  parity  bit  to  check  for 

transmission  errors.  The  following  table  lists  valid  values  for  P. 
The  default  value  is  e.  Not  all  computers  support  the  values  m 
and  s. 

- n  =  none 

-  e  =  even 

-  o  =  odd 

-  m  =  mark 

-  s  =  space 


PARAMETER 


DESCRIPTION 


data=  <D> 

Specifies  the  number  of  data  bits  in  a  character.  Valid  values 
for  d  are  in  the  range  5  through  8.  The  default  value  is  7.  Not 
all  computers  support  the  values  5  and  6. 

stop=<S> 

Specifies  the  number  of  stop  bits  that  define  the  end  of  a 
character:  1 ,  1.5,  or  2.  If  the  baud  rate  is  1 1 0,  the  default  value 
is  2.  Otherwise,  the  default  value  is  1.  Not  all  computers 
support  the  value  1 .5. 

to={on 

off} 

xon={on 

off} 

odsr={on 

off} 

octs={on 

off} 

dtr={on 

off 

rts={on 

off 

idsr={on 

off} 

/? 

Displays  help  at  the  command  prompt. 

To  display  the  status  of  all  devices  or  of  a  single  device 

Syntax 

mode  [<Device>]  [/status] 

Parameters 


PARAMETER 

DESCRIPTION 

<Device> 

Specifies  the  name  of  the  device  for  which  you  want  to  display 
the  status. 

/status 

Requests  the  status  of  any  redirected  parallel  printers.  You  can 
abbreviate  the  /status  command-line  option  as  /sta. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

If  used  without  parameters,  mode  displays  the  status  of  all  devices  that  are  installed  on  your  system. 

To  redirect  output  from  a  parallel  port  to  a  serial  communications  port 


Syntax 


mode  lpt<N>[ : ]=com<M>[ : ] 

Parameters 

PARAMETER 

DESCRIPTION 

lpt<  N>  [:] 

Required.  Specifies  the  parallel  port.  Valid  values  for  N  are  in 
the  range  1  through  3. 

com<M>[:]  Required.  Specifies  the  serial  port.  Valid  values  for  M  are  in  the 

range  1  through  4. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

You  must  be  a  member  of  the  Administrators  group  to  redirect  printing. 

Examples 

To  set  up  your  system  so  that  it  sends  parallel  printer  output  to  a  serial  printer,  you  must  use  the  mode  command 
twice.  The  first  time,  use  mode  to  configure  the  serial  port  The  second  time,  use  mode  to  redirect  parallel  printer 
output  to  the  serial  port  you  specified  in  the  first  mode  command. 

For  example,  if  your  serial  printer  operates  at  4800  baud  with  even  parity,  and  it  is  connected  to  the  COM1  port 
(the  first  serial  connection  on  your  computer),  type: 

mode  coml  48,e,,,b 
mode  lptl=coml 


If  you  redirect  parallel  printer  output  from  LPT1  to  COM1,  but  then  you  decide  that  you  want  to  print  a  file  by 
using  LPT1,type  the  following  command  before  you  print  the  file: 


mode  lptl 

This  command  prevents  the  redirection  the  file  from 

LPT1  toCOMI. 

To  select,  refresh,  or  display  the 
console 

numbers  of  the  code  pages  for  the 

Syntax 

mode  <Device>  codepage  select=<YYY> 
mode  <Device>  codepage  [/status] 

Parameters 

PARAMETER 

DESCRIPTION 

<Device> 

Required.  Specifies  the  device  for  which  you  want  to  select  a 
code  page.  CON  is  the  only  valid  name  for  a  device. 

codepage  select = 

Required.  Specifies  which  code  page  to  use  with  the  specified 
device.  You  can  abbreviate  codepage  select  as  cp  sel. 

PARAMETER 


DESCRIPTION 


<YYY> 

Required.  Specifies  the  number  of  the  code  page  to  select.  The 
following  list  shows  each  code  page  that  is  supported  and  its 
country/region  or  language. 

437:  United  States 

850:  Multilingual  (Latin  1) 

852:  Slavic  (Latin  II) 

855:  Cyrillic  (Russian) 

857:  Turkish 

860:  Portuguese 

861 :  Icelandic 

863:  Canadian-French 

865:  Nordic 

866:  Russian 

869:  Modern  Greek 

codepage 

Required.  Displays  the  numbers  of  the  code  pages  (if  any)  that 
are  selected  for  the  specified  device. 

/status 

Displays  the  numbers  of  the  current  code  pages  selected  for 
the  specified  device.  You  can  abbreviate  /status  to  /sta. 
Whether  or  not  you  specify  /status,  mode  codepage 
displays  the  numbers  of  the  code  pages  that  are  selected  for 
the  specified  device. 

/? 

Displays  help  at  the  command  prompt. 

To  change  the  size  of  the  command  prompt  screen  buffer 

Syntax 

mode  con[:]  [cols=<C>]  [lines=<N>] 

Parameters 


PARAMETER 

DESCRIPTION 

con[:] 

Required.  Indicates  that  the  change  applies  to  the  Command 
Prompt  window. 

cols=<C> 

Specifies  the  number  of  columns  in  the  command  prompt 
screen  buffer. 

lines=  <N> 

Specifies  the  number  of  lines  in  the  command  prompt  screen 
buffer. 

/? 

Displays  help  at  the  command  prompt. 

To  set  the  keyboard  type  mat  ic  rate 


Syntax 

mode  con[:]  [rate=<R>  delay=<D>] 

Parameters 


PARAMETER 

DESCRIPTION 

con[:] 

Required.  Refers  to  the  keyboard. 

rate=  <  R> 

Specifies  the  rate  at  which  a  character  is  repeated  on  the 
screen  when  you  hold  down  a  key. 

delay=<D> 

Specifies  the  amount  of  time  that  will  elapse  after  you  press 
and  hold  down  a  key  before  the  character  output  repeats. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  typematic  rate  is  the  rate  at  which  a  character  repeats  when  you  hold  down  the  key  for  that  character.  The 
typematic  rate  has  two  components,  the  rate  and  the  delay.  Some  keyboards  do  not  recognize  this  command. 

•  Using  rat e-R 

Valid  values  are  in  the  range  1  through  32.  These  values  are  equal  to  approximately  2  to  30  characters  per 
second.  The  default  value  is  20  for  IBM  AT-compatible  keyboards,  and  21  for  IBM  PS/2 -compatible 
keyboards.  If  you  set  the  rate,  you  must  also  set  the  delay. 

•  Using  delay=D 

Valid  values  for  D  are  1,  2,  3,  and  4  (representing  0.25,  0.50,  0.75,  and  1  second).  The  default  value  is  2.  If 
you  set  the  delay,  you  must  also  set  the  rate. 

Additional  references 


Command-Line  Syntax  Key 


more 
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Displays  one  screen  of  output  at  a  time. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

<Command>  |  more  [/c]  [/p]  [/s ]  [/t<N>]  [+<N>] 

more  [ [ / c ]  [/p]  [ /s ]  [/t<N>]  [+<N>]]  <  [<Drive>:  ]  [<Path>]<Filel\lame> 
more  [ /c ]  [/p]  [/s]  [/t<N>]  [+<M>]  [<Files>] 

Parameters 


PARAMETER 

DESCRIPTION 

<Command> 

Specifies  a  command  for  which  you  want  to  display  the 
output. 

/c 

Clears  the  screen  before  displaying  a  page. 

/P 

Expands  form-feed  characters. 

/s 

Displays  multiple  blank  lines  as  a  single  blank  line. 

/t<  N> 

Displays  tabs  as  the  number  of  spaces  specified  by  N. 

+  <N> 

Displays  the  first  file  beginning  at  the  line  specified  by  N. 

[<  Drive> :]  [] 

Specifies  the  location  and  name  of  a  file  to  display. 

<  Files  > 

Specifies  a  list  of  files  to  display.  Separate  file  names  with  a 
space. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  following  subcommands  are  accepted  at  the  more  prompt  (  --  More  --  ). 

1  Key] Action|  |— - 1- . |  |SPACEBAR|Displays  the  next  page.|  | E N TE R | Displays  the  next  line.|  |f| Displays  the  next 

file.|  |q|Quits  the  more  command. |  |  =  |Shows  the  line  number.|  |p  < N  > | D isplays  the  next  N  lines. |  |s  < N  > | S kips 
the  next  N  lines. |  |?|Shows  the  commands  that  are  available  at  the  more  prompt.| 

•  When  using  the  redirection  character  (<),  you  must  specify  a  file  name  as  the  source.  When  using  the  pipe  (|), 
you  can  use  such  commands  as  dir,  sort,  and  type. 

•  The  more  command,  with  different  parameters,  is  available  from  the  Recovery  Console. 


Examples 


To  view  the  first  screen  of  information  of  a  file  named  Clients. new,  type  one  of  the  following  commands: 

more  <  clients. new 
type  clients. new  |  more 

The  more  command  displays  the  first  screen  of  information  from  Clients. new,  and  then  displays  the  following 
prompt: 

--  More  -- 

You  can  then  press  the  SPACEBAR  to  see  the  next  screen  of  information. 

To  clear  the  screen  and  remove  all  extra  blank  lines  before  displaying  the  file  Clients. new,  type  one  of  the  following 
commands: 

more  /c  /s  <  clients. new 
type  clients. new  |  more  /c  /s 

The  more  command  displays  the  first  screen  of  information  from  Clients. new,  and  then  displays  the  following 
prompt: 

--  More  -- 

Using  more  subcommands 

The  following  examples  can  be  used  at  the  more  prompt  (  --  More  --  ). 

•  To  display  the  file  one  line  at  a  time,  press  ENTER  at  the  more  prompt. 

•  To  display  the  next  screen,  press  the  SPACEBAR  at  the  more  prompt. 

•  To  display  the  next  file  listed  on  the  command  line,  type  f  at  the  more  prompt. 

•  To  show  the  available  commands,  type  ?  at  the  more  prompt. 

•  To  quit  more,  type  q  at  the  more  prompt. 

•  To  display  the  current  line  number,  type  =  at  the  more  prompt.  The  current  line  number  is  added  to  the  more 
prompt  as  follows: 

--  More  [Line:  24]  -- 

•  To  display  a  specific  number  of  lines,  type  p  at  the  more  prompt.  More  prompts  you  for  the  number  of  lines  to 
display  as  follows: 

--  More  --  Lines: 

Type  the  number  of  lines  to  display,  and  then  press  ENTER.  More  displays  the  specified  number  of  lines. 

•  To  skip  a  specific  number  of  lines,  type  s  at  the  more  prompt.  More  prompts  you  for  the  number  of  lines  to  skip 
as  follows: 

--  More  --  Lines: 

Type  the  number  of  lines  to  skip,  and  then  press  ENTER.  More  skips  the  specified  number  of  lines  and  displays 
the  next  screen  of  information. 

Additional  references 

Command-Line  Syntax  Key 


mount 
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You  can  use  mount  to  mount  Network  File  System  (NFS)  network  shares. 

Syntax 

mount  [-o  <0ption>[ . . . ] ]  [ -u : <UserName>]  [-p:{<Password>  |  *}]  {\\<ComputerName>\<ShareName>  | 
<ComputerName>:/<ShareName>}  {<DeviceName>  ]  *} 


Description 

The  mount  command-line  utility  mounts  the  file  system  identified  by  ShareName  exported  by  the  NFS  server 
identified  by  ComputerName  and  associates  it  with  the  drive  letter  specified  by  DeviceName  or,  if  an  asterisk  (*)  is 
used,  by  the  first  available  driver  letter.  Users  can  then  access  the  exported  file  system  as  though  it  were  a  drive  on 
the  local  computer.  When  used  without  options  or  arguments,  mount  displays  information  about  all  mounted  NFS 
file  systems. 

The  mount  utility  is  available  only  if  Client  for  NFS  is  installed. 

The  following  options  and  arguments  can  be  used  with  the  mount  utility. 


TERM  DEFINITION 


-o  rsize=  <  buffersize> 

Sets  the  size  in  kilobytes  of  the  read  buffer.  Acceptable  values 
are  1,  2,  4,  8,  16,  and  32;  the  default  is  32  KB. 

-o  wsize=  <  buffersize> 

Sets  the  size  in  kilobytes  of  the  write  buffer.  Acceptable  values 
are  1,  2,  4,  8,  16,  and  32;  the  default  is  32  KB. 

-o  timeout=<seconds> 

Sets  the  time-out  value  in  seconds  for  a  remote  procedure  call 
(RPC).  Acceptable  values  are  0.8,  0.9,  and  any  integer  in  the 
range  1-60;  the  default  is  0.8. 

-o  retry=<number> 

Sets  the  number  of  retries  for  a  soft  mount.  Acceptable  values 
are  integers  in  the  range  1-10;  the  default  is  1. 

-o  mtype={soft 

hard} 

-o  anon 

Mounts  as  an  anonymous  user. 

-o  nolock 

Disables  locking  (default  is  enabled). 

-o  casesensitive 

Forces  file  lookups  on  the  server  to  be  case  sensitive. 

TERM 


DEFINITION 


-o  fileaccess=<mode> 

Specifies  the  default  permission  mode  of  new  files  created  on 
the  NFS  share.  Specify  mode  as  a  three-digit  number  in  the 
form  ogw,  where  o,  g,  and  w  are  each  a  digit  representing  the 
access  granted  the  file's  owner,  group,  and  the  world, 
respectively.  The  digits  must  be  in  the  range  0-7  with  the 
following  meaning: 

-  0:  No  access 

-  1 :  x  (execute  access) 

-  2:  w  (write  access) 

-  3:  wx 

-  4:  r  (read  access) 

-  5:  rx 

-  6:  rw 

-  7:  rwx 

-o  lang={euc-jp 

euc-tw 

-u:<UserName> 

Specifies  the  user  name  to  use  for  mounting  the  share.  If 
username  is  not  preceded  by  a  backslash  (\),  it  is  treated  as  a 
UNIX  user  name. 

-p:<  Password  > 

The  password  to  use  for  mounting  the  share.  If  you  use  an 
asterisk  (*),  you  will  be  prompted  for  the  password. 

NOTE 

mountvol 
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Creates,  deletes,  or  lists  a  volume  mount  point. 

For  examples  of  how  to  use  this  command  see  Examples. 

Syntax 

mountvol  [<Drive> : ]<Path  VolumeName> 
mountvol  [<Drive> : ]<Path>  / d 
mountvol  [<Drive> : ]<Path>  /I 
mountvol  [<Drive> : ]<Path>  /p 
mountvol  /r 
mountvol  [/n  |  /e] 
mountvol  <Drive>:  /s 


Parameters 

PARAMETER  DESCRIPTION 

[<  Drive> :]  Specifies  the  existing  NTFS  directory  where  the  mount  point 

will  reside. 


<VolumeName> 

Specifies  the  volume  name  that  is  the  target  of  the  mount 
point.  The  volume  name  uses  the  following  syntax,  where 

GUID  is  a  globally  unique  identifier: 

\\\\?\Volume\{GUID}\ 

The  brackets  { }  are  required. 

/d 

Removes  the  volume  mount  point  from  the  specified  folder. 

/I 

Lists  the  mounted  volume  name  for  the  specified  folder. 

/P 

Removes  the  volume  mount  point  from  the  specified  directory, 
dismounts  the  basic  volume,  and  takes  the  basic  volume 
offline,  making  it  unmountable.  If  other  processes  are  using 
the  volume,  mountvol  closes  any  open  handles  before 
dismounting  the  volume. 

/r 

Removes  volume  mount  point  directories  and  registry  settings 
for  volumes  that  are  no  longer  in  the  system,  preventing  them 
from  being  automatically  mounted  and  given  their  former 
volume  mount  point(s)  when  added  back  to  the  system. 

/n 

Disables  automatic  mounting  of  new  basic  volumes.  New 
volumes  are  not  mounted  automatically  when  added  to  the 
system. 

/e 

Re-enables  automatic  mounting  of  new  basic  volumes. 

PARAMETER 


DESCRIPTION 


/s  Mounts  the  EFI  system  partition  on  the  specified  drive. 

Available  on  Itanium-based  computers  only. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Mountvol  allows  you  to  link  volumes  without  requiring  a  drive  letter. 

•  Volumes  that  are  dismounted  by  using  /p  are  listed  in  the  volumes  list  as  "NOT  MOUNTED  UNTIL  A 
VOLUME  MOUNT  POINT  IS  CREATED."  If  the  volume  has  more  than  one  mount  point,  use  /d  to  remove  the 
additional  mount  points  before  using  /p.  You  can  make  the  basic  volume  mountable  again  by  assigning  a 
volume  mount  point. 

•  If  you  need  to  expand  your  volume  space  without  reformatting  or  replacing  a  hard  drive,  you  can  add  a  mount 
path  to  another  volume.  The  benefit  of  using  one  volume  with  several  mount  paths  is  that  you  can  access  all 
local  volumes  by  using  a  single  drive  letter  (such  as  c:  ).  You  do  not  need  to  remember  which  volume 
corresponds  to  which  drive  letter — although  you  can  still  mount  local  volumes  and  assign  them  drive  letters. 

Examples 

To  create  a  mount  point,  type: 

mountvol  \sysmount  \\?\Volume\{2eca078d-5cbc-43d3-aff8-7e8511f60d0e}\ 

Additional  references 

Command-Line  Syntax  Key 


move 
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Moves  one  or  more  files  from  one  directory  to  another  directory. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

move  [{/y  |  / -y } ]  [<Source>]  [<Target>] 

Parameters 

PARAMETER  DESCRIPTION 

/y  Suppresses  prompting  to  confirm  that  you  want  to  overwrite 

an  existing  destination  file. 


h 


Causes  prompting  to  confirm  that  you  want  to  overwrite  an 
existing  destination  file. 


<Source>  Specifies  the  path  and  name  of  the  file  or  files  to  move.  If  you 

want  to  move  or  rename  a  directory,  Source  should  be  the 
current  directory  path  and  name. 


<Target>  Specifies  the  path  and  name  to  move  files  to.  If  you  want  to 

move  or  rename  a  directory,  Target  should  be  the  desired 
directory  path  and  name. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

•  The  /y  command-line  option  might  be  preset  in  the  COPYCMD  environment  variable.  You  can  override  this 
with  /-y  on  the  command  line.  The  default  is  to  prompt  before  overwriting  files  unless  the  copy  command  is 
run  from  within  a  batch  script. 

•  Moving  encrypted  files  to  a  volume  that  does  not  support  Encrypting  File  System  (EFS)  results  in  an  error. 
Decrypt  the  files  first  or  move  the  files  to  a  volume  that  supports  EFS. 

Examples 

To  move  all  files  with  the  ,xls  extension  from  the  \Data  directory  to  the  \Second_Q\Reports  directory,  type: 
move  \data\*.xls  \second_q\reports\ 

Additional  references 

Command-Line  Syntax  Key 


mqbkup 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Backs  up  MSMQ  message  files  and  registry  settings  to  a  storage  device  and  restores  previously-stored  messages 
and  settings. 

Both  the  backup  and  the  restore  operation  will  stop  the  local  MSMQ  service.  If  the  MSMQ  service  was  started 
beforehand,  the  utility  will  attempt  to  restart  the  MSMQ  service  at  the  end  of  the  backup  or  the  restore  operation. 

If  the  service  was  already  stopped  before  running  the  utility,  no  attempt  to  restart  the  service  is  made. 

Before  using  the  MSMQ  Message  Backup/Restore  utility  you  must  close  all  local  applications  that  are  using 
MSMQ. 

Syntax 

mqbkup  {/b  |  /r}  <folder  path_to_storage_device> 

Parameters 

PARAMETER  DESCRIPTION 

/b  Specifies  backup  operation 

/r  Specifies  restore  operation 

<folder  path_to_storage_device>  Specifies  the  path  where  the  MSMQ  message  files  and  registry 

settings  are  stored 

/?  Displays  help  at  the  command  prompt. 

Examples 

To  backup  all  MSMQ  message  files  and  registry  settings  and  store  them  in  the  Msmqbkup  folder  on  your  C:  drive, 
mqbkup  /b  c:\msmqbkup 

if  the  specified  folder  does  not  exist,  the  utility  will  automatically  create  one.  If  you  choose  to  specify  an  existing 
folder,  this  folder  must  be  empty.  If  you  specify  a  non-empty  folder,  the  utility  will  delete  every  file  and  subfolder 
contained  within  it.  In  this  case,  you  will  be  prompted  to  give  permission  to  delete  existing  files  and  subfolders.  You 
can  use  the  /y  parameter  to  indicate  that  you  agree  beforehand  to  the  deletion  of  all  existing  files  and  subfolders  in 
the  specified  folder. 

To  delete  all  files  and  subfolders  in  the  Oldbkup  folder  on  your  C:  drive  and  store  MSMQ  message  files  and 
registry  settings  in  this  folder. 

mqbkup  /b  /y  c:\oldbkup 


To  restore  MSMQ  messages  and  registry  settings: 


mqbkup  /r  c:\msmqbkup 

The  locations  of  folders  used  to  store  MSMQ  message  files  are  stored  in  the  registry.  Thus,  the  utility  will  restore 
MSMQ  message  files  to  the  folders  specified  in  the  registry  and  not  to  the  storage  folders  used  before  the  restore 
operation.  If  the  folders  specified  in  the  registry  do  not  exist,  the  restore  operation  will  automatically  create  them.  If 
folders  directories  do  exist  and  are  not  empty,  the  utility  will  prompt  you  for  permission  to  delete  the  current 
contents  of  these  folders. 

additional  references 

•  Command-Line  Syntax  Key 


mqsvc 
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Message  Queuing  technology  enables  applications  running  at  different  times  to  communicate  across 
heterogeneous  networks  and  systems  that  may  be  temporarily  offline.  Message  Queuing  provides  guaranteed 
message  delivery,  efficient  routing,  security,  and  priority-based  messaging.  It  can  be  used  to  implement  solutions 
for  both  asynchronous  and  synchronous  messaging  scenarios.  For  more  information  about  this  command,  see 

Message  Queuing  (MSMQ)  on  MSDN. 

Syntax 

Mqsvc.exe 

Parameters 

None 

Additional  references 

•  Command-Line  Syntax  Key 


mqtgsvc 
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Monitors  a  queue  for  incoming  messages  and  performs  an  action,  in  the  form  of  an  executable  file  or  COM 
component,  when  the  rules  of  a  trigger  are  evaluated  as  true.  For  examples  of  how  the  Message  Queuing  Triggers 
service  can  be  used,  see  Message  Queuing  Triggerson  MSDN. 

Syntax 

Mqtgsvc.exe 

Parameters 

None 

Additional  references 

•  Command-Line  Syntax  Key 


msdt 
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Invokes  a  troubleshooting  pack  at  the  command  line  or  as  part  of  an  automated  script,  and  enables  additional 
options  without  user  input. 

Syntax 


msdt  </id  <name>  |  /path  <name> 

|  /cab  <  name>>  <</parameter>  [options]  ...  <parameten>  [options] >> 

Parameters 

The  following  table  includes  the  parameters  and  options  supported  by  msdt.exe. 


PARAMETER 

DESCRIPTION 

/id  <  package  name> 

Specifies  which  diagnostic  package  to  run.  For  a  list  of  available 
packages,  see  the  Troubleshooting  Pack  ID  in  the  "Available 
troubleshooting  packs^?  section  later  in  this  topic. 

/path  <  directory 

.diagpkg  file 

/dci  <  passkey > 

Prepopulates  the  passkey  field  in  msdt.  This  parameter  is  only 
used  when  a  support  provider  has  supplied  a  passkey. 

/dt  < directory > 

Displays  the  troubleshooting  history  in  the  specified  directory. 
Diagnostic  results  are  stored  in  the  user's 

%LOCALAPPDATA%\Diagnostics  or 
%LOCALAPPDATA%\Elevated Diagnostics  directories. 

/af  < answer  file> 


Specifies  an  answer  file  in  XML  format  that  contains  responses 
to  one  or  more  diagnostic  interactions. 


msg 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Sends  a  message  to  a  user  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server,  for  examples  of  how  to  use 
this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 

msg  {<UserName>  |  <SessionName> 
[/w]  [<Message>] 

|  <SessionID>|  @<FileName>  |  *}  [/server :<ServerName>]  [/time:<Seconds>]  [/v] 

Parameters 


PARAMETER 

DESCRIPTION 

Specifies  the  name  of  the  user  that  you  want  to  receive  the 
message. 

Specifies  the  name  of  the  session  that  you  want  to  receive  the 
message. 

Specifies  the  numeric  ID  of  the  session  whose  user  you  want 
to  receive  a  message. 

@ 

Identifies  a  file  containing  a  list  of  user  names,  session  names, 
and  session  IDs  that  you  want  to  receive  the  message. 

•k 

Sends  the  message  to  all  user  names  on  the  system. 

/server: 

Specifies  the  rd  Session  Host  server  whose  session  or  user  you 
want  to  receive  the  message.  If  unspecified,  /server  uses  the 
server  to  which  you  are  currently  logged  on. 

/time: 

Specifies  the  amount  of  time  that  the  message  you  sent  is 
displayed  on  the  user's  screen.  After  the  time  limit  is  reached, 
the  message  disappears.  If  no  time  limit  is  set,  the  message 
remains  on  the  user's  screen  until  the  user  sees  the  message 
and  dicks  OK. 

/v 

Displays  information  about  the  actions  being  performed. 

PARAMETER 


DESCRIPTION 


/w  Waits  for  an  acknowledgment  from  the  user  that  the  message 

has  been  received.  Use  this  parameter  with  /time:<Secor?c/s> 
to  avoid  a  possible  long  delay  if  the  user  does  not  immediately 
respond.  Using  this  parameter  with  /v  is  also  helpful. 


Specifies  the  text  of  the  message  that  you  want  to  send.  If  no 
message  is  specified,  you  will  be  prompted  to  enter  a 
message.  To  send  a  message  that  is  contained  in  a  file,  type 
the  less  than  (<)  symbol  followed  by  the  file  name. 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  if  you  do  not  specify  a  user  or  a  session,  msg  displays  an  error  message.  When  specifying  a  session,  it  must  be 
an  active  one. 

•  The  user  must  have  Message  special  access  permission  to  send  a  message. 

Examples 

•  To  send  the  message  entitled  "Let's  meet  at  1  PM  today"  to  all  sessions  for  Userl,  type: 

msg  Userl  Let's  meet  at  1PM  today 

•  To  send  the  same  message  to  session  modeM02,  type:  msg  modem@2  Let's  meet  at  ipm  today 

•  To  send  the  message  to  session  12,  type:  msg  12  Let's  meet  at  ipm  today 

•  To  send  the  message  to  all  sessions  contained  in  the  file  USERIist,  type:  msg  @useriist  Let's  meet  at  ipm  today 

•  To  send  the  message  to  all  users  who  are  logged  on,  type:  msg  *  Let's  meet  at  ipm  today 

•  To  send  the  message  to  all  users,  with  an  acknowledgment  time-out  (for  example,  1 0  seconds),  type: 

msg  *  /time: 10  Let’s  meet  at  1PM  today 

additional  references 

•  Command-Line  Syntax  Key 

•  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


msiexec 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Msiexec 

Provides  the  means  to  install,  modify,  and  perform  operations  on  Windows  Installer  from  the  command  line. 
For  the  syntax  and  examples  of  how  to  use  this  command,  see  Msiexec. 


msinfo32 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Opens  the  System  Information  tool  to  display  a  comprehensive  view  of  the  hardware,  system  components,  and 
software  environment  on  the  local  computer. 

Syntax 

msinfo32  [/pch]  [/nfo  <path>]  [/report  <path>]  [/computer  <computerName>]  [/showcategories]  [/category 
<CategoryID>]  [/categories  {+<CategoryID>(+<CategoryID>) |+all(-<CategoryID>)}] 


Parameters 

PARAMETER 


DESCRIPTION 


Specifies  the  file  to  be  opened  in  the  format 
C:\Folderl\File1.XXX,  where  C  is  the  drive  letter,  Folder 7  is  the 
folder,  File  1  is  the  file  name,  and  XXX  is  the  file  name 
extension. 

This  file  can  be  an  .nfo,  .xml,  .txt,  or  .cab  file. 

Specifies  the  name  of  the  target  or  local  computer.  This  can  be 
a  UNC  name,  an  IP  address,  or  a  full  computer  name. 

Specifies  the  ID  of  the  category  item.  You  can  obtain  the 
category  ID  by  using  /showcategories. 

/pch 

Displays  the  System  History  view  in  the  System  Information 
tool. 

/nfo 

Saves  the  exported  file  as  an  .nfo  file.  If  the  file  name  that  is 
specified  in  path  does  not  end  in  an  .nfo  extension,  the  .nfo 
extension  is  automatically  appended  to  the  file  name. 

/report 

Saves  the  file  in  path  as  a  text  file.  The  file  name  is  saved 
exactly  as  it  appears  in  path.  The  .txt  extension  is  not 
appended  to  the  file  unless  it  is  specified  in  path. 

/computer 

starts  the  System  Information  tool  for  the  specified  remote 
computer  You  must  have  the  appropriate  permissions  to 
access  the  remote  computer 

/showcategories  starts  the  System  Information  tool  with  all  available  category 

IDs  displayed,  rather  than  displaying  the  friendly  or  localized 
names.  For  example,  the  Software  Environment  category  is 
displayed  as  the  SWEnv  category. 


PARAMETER 


DESCRIPTION 


/category  starts  System  Information  with  the  specified  category  selected. 

Use  /showcategories  to  display  a  list  of  available  category 
IDs. 


/categories  starts  System  Information  with  only  the  specified  category  or 

categories  displayed.  It  also  limits  the  output  to  the  selected 
category  or  categories.  Use  /showcategories  to  display  a  list 
of  available  category  IDs. 


/?  Displays  help  at  the  command  prompt. 

remarks 

Some  System  Information  categories  contain  large  amounts  of  data.  You  can  use  the  start  /wait  command  to 
optimize  reporting  performance  for  these  categories.  For  more  information,  see  System  Information. 

Examples 

To  list  the  available  category  IDs,  type: 

msinfo32  /showcategories 


To  start  the  System  Information  tool  with  all  available  information  displayed,  except  Loaded  Modules,  type: 
msinfo32  /categories  +all  -loadedmodules 


To  display  only  System  Summary  information  and  create  an  .nfo  file  called  syssum.nfo  that  contains  information  in 
the  System  Summary  category,  type: 

msinfo32  /nfo  syssum.nfo  /categories  +systemsummary 


To  display  resource  conflict  information  and  create  an  .nfo  file  called  conflicts. nfo  that  contains  information  about 
resource  conflicts,  type: 

msinfo32  /nfo  conflicts . nfo  /categories  +componentsproblemdevices+resourcesconflicts+resourcesforcedhardware 


additional  references 


•  Command-Line  Syntax  Key 


mstsc 


10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


creates  connections  to  remote  Desktop  Session  Host  (rd  Session  Host)  servers  or  other  remote  computers,  edits 
an  existing  remote  Desktop  Connection  (.rdp)  configuration  file,  and  migrates  legacy  connection  files  that  were 
created  with  Client  Connection  Manager  to  new  .rdp  connection  files,  for  examples  of  how  to  use  this  command, 

see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 

mstsc.exe  [<Connection  File>]  [/v:<Server>[:<Port>]]  [/admin]  [/f]  [/w:<Width>  /h : <Height>]  [/public]  [/span] 
mstsc.exe  /edit  cConnection  File> 
mstsc.exe  /migrate 


Parameters 


PARAMETER 

DESCRIPTION 

Specifies  the  name  of  an  .rdp  file  for  the  connection. 

/v:<  Server!:] 

Specifies  the  remote  computer  and,  optionally,  the  port 
number  to  which  you  want  to  connect. 

/admin 

Connects  you  to  a  session  for  administering  the  server. 

/f 

starts  remote  Desktop  Connection  in  full-screen  mode. 

/w: 

Specifies  the  width  of  the  remote  Desktop  window. 

/h: 

Specifies  the  height  of  the  remote  Desktop  window. 

/public 

Runs  remote  Desktop  in  public  mode.  In  public  mode, 
passwords  and  bitmaps  are  not  cached. 

/span 

Matches  the  remote  Desktop  width  and  height  with  the  local 
virtual  desktop,  spanning  across  multiple  monitors  if 
necessary. 

/edit 

Opens  the  specified  .rdp  file  for  editing. 

PARAMETER 


DESCRIPTION 


/migrate  Migrates  legacy  connection  files  that  were  created  with  Client 

Connection  Manager  to  new  .rdp  connection  files. 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  Default.rdp  is  stored  for  each  user  as  a  hidden  file  in  the  user's  Documents  folder.  User  created  .rdp  files  are 
saved  by  default  in  the  user's  Documents  folder  but  can  be  saved  anywhere. 

•  To  span  across  monitors,  the  monitors  must  use  the  same  resolution  and  must  be  aligned  horizontally  (that  is, 
side  by  side).  There  is  currently  no  support  for  spanning  multiple  monitors  vertically  on  the  client  system. 

Examples 

•  To  connect  to  a  session  in  full-screen  mode,  type:  mstsc  /f 

•  To  open  a  file  called  filename. rdp  for  editing,  type:  mstsc  /edit  filename. rdp 

additional  references 

•  Command-Line  Syntax  Key 

•  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


nbtstat 

1 0/1 7/2017  •  4  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Displays  NetBIOS  over  TCP/IP  (NetBT)  protocol  statistics,  NetBIOS  name  tables  for  both  the  local  computer  and 
remote  computers,  and  the  NetBIOS  name  cache,  nbtstat  allows  a  refresh  of  the  NetBIOS  name  cache  and  the 
names  registered  with  Windows  Internet  Name  Service  (WINS).  Used  without  parameters,  nbtstat  displays  help. 

Syntax 

nbtstat  [/a  <nemoteName>]  [/A  <IPaddress>]  [ /c ] 

[/n]  [/r]  [/R]  [/RR]  [/s]  [/S]  [<Interval>] 

Parameters 

PARAMETER 

DESCRIPTION 

/a 

Displays  the  NetBIOS  name  table  of  a  remote  computer,  where 
remoteName  is  the  NetBIOS  computer  name  of  the  remote 
computer.  The  NetBIOS  name  table  is  the  list  of  NetBIOS 
names  that  corresponds  to  NetBIOS  applications  running  on 
that  computer. 

/A 

Displays  the  NetBIOS  name  table  of  a  remote  computer, 
specified  by  the  IP  address  (in  dotted  decimal  notation)  of  the 
remote  computer. 

/c 

Displays  the  contents  of  the  NetBIOS  name  cache,  the  table  of 
NetBIOS  names  and  their  resolved  IP  addresses. 

/n 

Displays  the  NetBIOS  name  table  of  the  local  computer.  The 
status  of  registered  indicates  that  the  name  is  registered 
either  by  broadcast  or  with  a  WINS  server. 

/r 

Displays  NetBIOS  name  resolution  statistics.  On  a  computer 
running  Windows  XP  or  Windows  Server  2003  that  is 
configured  to  use  WINS,  this  parameter  returns  the  number  of 
names  that  have  been  resolved  and  registered  using 
broadcast  and  WINS. 

/R 

Purges  the  contents  of  the  NetBIOS  name  cache  and  then 
reloads  the  #PRE-tagged  entries  from  the  Lmhosts  file. 

/RR 

Releases  and  then  refreshes  NetBIOS  names  for  the  local 
computer  that  is  registered  with  WINS  servers. 

/s 

Displays  NetBIOS  client  and  server  sessions,  attempting  to 
convert  the  destination  IP  address  to  a  name. 

PARAMETER 


DESCRIPTION 


/s 


Displays  NetBIOS  client  and  server  sessions,  listing  the  remote 
computers  by  destination  IP  address  only. 


Redisplays  selected  statistics,  pausing  the  number  of  seconds 
specified  in  Interval  between  each  display.  Press  CTRL+C  to 
stop  redisplaying  statistics.  If  this  parameter  is  omitted, 
nbtstat  prints  the  current  configuration  information  only  once. 


/?  Displays  help  at  the  command  prompt. 

remarks 

•  nbtstat  command-line  parameters  are  case-sensitive. 

•  The  following  table  describes  the  column  headings  that  are  generated  by  nbtstat: 


HEADING 

DESCRIPTION 

Input 

The  number  of  bytes  received. 

Output 

The  number  of  bytes  sent. 

In/Out 

Whether  the  connection  is  from  the  computer  (outbound) 
or  from  another  computer  to  the  local  computer 
(inbound). 

Life 

The  remaining  time  that  a  name  table  cache  entry  will  live 
before  it  is  purged. 

Local  Name 

The  local  NetBIOS  name  associated  with  the  connection. 

remote  Host 

The  name  or  IP  address  associated  with  the  remote 

computer. 

<03> 

The  last  byte  of  a  NetBIOS  name  converted  to 
hexadecimal.  Each  NetBIOS  name  is  16  characters  long. 

This  last  byte  often  has  special  significance  because  the 
same  name  might  be  present  several  times  on  a  computer, 
differing  only  in  the  last  byte.  For  example,  <20>  is  a 
space  in  ASCII  text. 

type 

The  type  of  name.  A  name  can  either  be  a  unique  name  or 
a  group  name. 

Status 

Whether  the  NetBIOS  service  on  the  remote  computer  is 
running  (registered)  or  a  duplicate  computer  name  has 
registered  the  same  service  (Conflict). 

State 

The  state  of  NetBIOS  connections. 

•  The  following  table  describes  the  possible  NetBIOS  connection  states: 


STATE 


DESCRIPTION 


Connected 

A  session  has  been  established. 

associated 

A  connection  endpoint  has  been  created  and  associated 
with  an  IP  address. 

listening 

This  endpoint  is  available  for  an  inbound  connection. 

Idle 

This  endpoint  has  been  opened  but  cannot  receive 
connections. 

Connecting 

A  session  is  in  the  connecting  phase  and  the  name-to-IP 
address  mapping  of  the  destination  is  being  resolved. 

Accepting 

An  inbound  session  is  currently  being  accepted  and  will  be 
connected  shortly. 

Reconnecting 

A  session  is  trying  to  reconnect  (it  failed  to  connect  on  the 
first  attempt). 

Outbound 

A  session  is  in  the  connecting  phase  and  the  TCP 
connection  is  currently  being  created. 

Inbound 

An  inbound  session  is  in  the  connecting  phase. 

Disconnecting 

A  session  is  in  the  process  of  disconnecting. 

Disconnected 

The  local  computer  has  issued  a  disconnect  and  it  is 
waiting  for  confirmation  from  the  remote  system. 

•  This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in  the 
properties  of  a  network  adapter  in  Network  Connections. 

Examples 

To  display  the  NetBIOS  name  table  of  the  remote  computer  with  the  NetBIOS  computer  name  of  CORP07,  type: 

btstat  /a  CORP07 

To  display  the  NetBIOS  name  table  of  the  remote  computer  assigned  the  IP  address  of  10.0.0.99,  type: 

nbtstat  /A  10.0.0.99 

To  display  the  NetBIOS  name  table  of  the  local  computer,  type: 

nbtstat  / n 

To  display  the  contents  of  the  local  computer  NetBIOS  name  cache,  type: 

nbtstat  /c 


To  purge  the  NetBIOS  name  cache  and  reload  the  #PRE-tagged  entries  in  the  local  Lmhosts  file,  type: 


nbtstat  /R 


To  release  the  NetBIOS  names  registered  with  the  WINS  server  and  re-register  them,  type: 

nbtstat  /RR 


To  display  NetBIOS  session  statistics  by  IP  address  every  five  seconds,  type: 

nbtstat  /S  5 


additional  references 

•  Command-Line  Syntax  Key 


netcfg 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Installs  the  Windows  Preinstallation  Environment  (WinPE),  a  lightweight  version  of  Windows  used  to  deploy 
workstations. 


Syntax 


netcfg  [/v]  [/e]  [/winpe]  [/I  ]  /c  /i 

Parameters 

PARAMETER 

DESCRIPTION 

/V 

Run  in  verbose  (detailed)  mode 

/e 

Use  servicing  environment  variables  during  install  and 
uninstall 

/winpe 

Installs  TCP/I R  NetBIOS  and  Microsoft  Client  for  Windows 
preinstallation  envrionment 

/I 

Provides  the  location  of  INF 

/c 

Provides  the  class  of  the  component  to  be  installed;  protocol, 
Service,  or  client 

fi 

Provides  the  component  ID 

/s 

Provides  the  type  of  components  to  show 

\ta  =  adapters,  n  =  net  components 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  install  the  protocol  example  using  c:\oemdir\example.inf: 

netcfg  /I  c:\oemdir\example.inf  /c  p  /i  example 

To  install  the  MS_Server  service: 

netcfg  /c  s  /i  MS_Server 

To  install  TCP/IP,  NetBIOS  and  Microsoft  Client  for  Windows  preinstallation  environment 


netcfg  /v  /winpe 


To  display  if  component  MS_IPX  is  installed: 
netcfg  /q  MS_IPX 


To  uninstall  component  MS_IPX: 

netcfg  / u  MS_IPX 


To  show  all  installed  net  components: 

netcfg  /s  n 


To  shows  binding  paths  containing  MS_TCPIP: 

netcfg  /b  ms_tcpip 


additional  references 

•  Command-Line  Syntax  Key 


netsh 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Netsh  is  a  command-line  scripting  utility  that  allows  you  to,  either  locally  or  remotely,  display  or  modify  the 
network  configuration  of  a  currently  running  computer. 

There  are  functional  differences  between  netsh  commands  on  Windows  Server®  2003,  Windows  Server®  2008, 
and  Windows  Server®  2008  R2: 

•  For  more  information  about  netsh  commands  on  Windows  Server  2003,  see  Netsh. 

•  For  more  information  about  netsh  commands  for  Windows  Server  2008  and  Windows  Server  2008  R2,  see 

Netsh  Technical  Reference. 


netstat 

1 0/1 7/2017  •  3  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Displays  active  TCP  connections,  ports  on  which  the  computer  is  listening,  Ethernet  statistics,  the  IP  routing  table, 
IPv4  statistics  (for  the  IP,  ICMP,  TCP,  and  UDP  protocols),  and  IPv6  statistics  (for  the  IPv6,  ICMPv6,  TCP  over  IPv6, 
and  UDP  over  IPv6  protocols).  Used  without  parameters,  netstat  displays  active  TCP  connections. 

Syntax 

netstat  [-a]  [-e]  [-n]  [-o]  [-p  <Protocol>]  [-r]  [-s]  [<Interval>] 


Parameters 

PARAMETER 


DESCRIPTION 


-a 

Displays  all  active  TCP  connections  and  the  TCP  and  UDP 
ports  on  which  the  computer  is  listening. 

-e 

Displays  Ethernet  statistics,  such  as  the  number  of  bytes  and 
packets  sent  and  received.  This  parameter  can  be  combined 
with  -s. 

-n 

Displays  active  TCP  connections,  however,  addresses  and  port 
numbers  are  expressed  numerically  and  no  attempt  is  made  to 
determine  names. 

-o 

Displays  active  TCP  connections  and  includes  the  process  ID 
(PID)  for  each  connection.  You  can  find  the  application  based 
on  the  PID  on  the  Processes  tab  in  Windows  Task  Manager. 

This  parameter  can  be  combined  with  -a,  -n,  and  -p. 

-P 

Shows  connections  for  the  protocol  specified  by  Protocol.  In 
this  case,  the  Protocol  can  be  tcp,  udp,  tcpv6,  or  udpv6.  If  this 
parameter  is  used  with  -s  to  display  statistics  by  protocol, 
Protocol  can  be  tcp,  udp,  icmp,  ip,  tcpv6,  udpv6,  icmpv6,  or 
ipv6. 

-s 

Displays  statistics  by  protocol.  By  default,  statistics  are  shown 
for  the  TCR  UDR  ICMR  and  IP  protocols.  If  the  IPv6  protocol  is 
installed,  statistics  are  shown  for  the  TCP  over  IPv6,  UDP  over 
IPv6,  ICMPv6,  and  IPv6  protocols.  The  -p  parameter  can  be 
used  to  specify  a  set  of  protocols. 

-r 

Displays  the  contents  of  the  IP  routing  table.  This  is  equivalent 
to  the  route  print  command. 

PARAMETER 


DESCRIPTION 


Redisplays  the  selected  information  every  Interval  seconds. 
Press  CTRL+C  to  stop  the  redisplay.  If  this  parameter  is 
omitted,  netstat  prints  the  selected  information  only  once. 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  Parameters  used  with  this  command  must  be  prefixed  with  a  hyphen  (-)  rather  than  a  slash  (/). 

•  netstat  provides  statistics  for  the  following: 

o  Proto  The  name  of  the  protocol  (TCP  or  UDP). 

o  Local  address  The  I P  address  of  the  local  computer  and  the  port  number  being  used.  The  name  of  the 
local  computer  that  corresponds  to  the  IP  address  and  the  name  of  the  port  is  shown  unless  the  -n 
parameter  is  specified.  If  the  port  is  not  yet  established,  the  port  number  is  shown  as  an  asterisk  (*). 
o  foreign  address  The  IP  address  and  port  number  of  the  remote  computer  to  which  the  socket  is 
connected.  The  names  that  corresponds  to  the  I P  address  and  the  port  are  shown  unless  the  -n 
parameter  is  specified.  If  the  port  is  not  yet  established,  the  port  number  is  shown  as  an  asterisk  (*). 
o  (state)  Indicates  the  state  of  a  TCP  connection.  The  possible  states  are  as  follows:  CLOSE_WAIT  CLOSED 
ESTABLISHED  FIN_WAIT_1  FIN_WAIT_2  LAST_ACK  listEN  SYN_RECEIVED  SYN_S EN D  timeD_WAIT 
for  more  information  about  the  states  of  a  TCP  connection,  see  Rfc  793. 

•  This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in  the 
properties  of  a  network  adapter  in  Network  Connections. 

Examples 

To  display  both  the  Ethernet  statistics  and  the  statistics  for  all  protocols,  type: 

netstat  -e  -s 

To  display  the  statistics  for  only  the  TCP  and  UDP  protocols,  type: 

netstat  -s  -p  tcp  udp 

To  display  active  TCP  connections  and  the  process  IDs  every  5  seconds,  type: 

netstat  -o  5 

To  display  active  TCP  connections  and  the  process  IDs  using  numerical  form,  type: 

netstat  -n  -o 


additional  references 


•  Command-Line  Syntax  Key 


Net  print 

1 0/24/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Displays  information  about  a  specified  printer  queue  or  a  specified  print  job,  or  controls  a  specified  print  job.  for 
examples  of  how  to  use  this  command,  see  the  Examples  section  of  this  document. 


NOTE 

This  command  has  been  deprecated  in  Windows  7  and  Windows  Server  2008  R2  .  However,  you  can  perform  many  of  the 
same  tasks  using  prnjobs,  Windows  Management  Instrumentation  (WMI),  or  Windows  PowerShell  cmdlets.  For  more 
information,  see  prnjobs,  Windows  Management  Instrumentation  (https://go.microsoft.com/fwlink/?LinklD=29991),  Windows 
PowerShell  (https://go.microsoft.com/fwlink/?LinklD=  128426),  and  the  TechNet  Script  Center  Gallery 
(https://go.microsoft.com/fwlink/?Linkld=  1 64635). 

Syntax 

Net  print  {\\<computerName>\<Sharename>  | 

\\<computerName>  <DobNumber>  [/hold  |  /release  |  /delete]}  [help] 


Parameters 


PARAMETERS 

DESCRIPTION 

\\\ 

Specifies  (by  name)  the  computer  and  print  queue  about  which 
you  want  to  display  information. 

\\ 

Specifies  (by  name)  the  computer  that  hosts  the  print  job  you 
want  to  control.  If  you  do  not  specify  a  computer,  the  local 
computer  is  assumed.  Requires  the  parameter. 

Specifies  the  number  of  the  print  job  you  want  to  control.  This 
number  is  assigned  by  the  computer  that  hosts  the  print  queue 
where  the  print  job  is  sent.  After  a  computer  assigns  a  number 
to  a  print  job,  that  number  is  not  assigned  to  any  other  print 
jobs  in  any  queue  hosted  by  that  computer.  Required  when 
using  the  \\  parameter. 

[/hold  |  /release  |  /delete] 

Specifies  the  action  to  take  with  the  print  job. 

-  The  /hold  parameter  delays  the  job,  allowing  other  print  jobs 
to  bypass  it  until  it  is  released. 

-  The  /release  parameter  releases  a  print  job  that  has  been 
delayed. 

-  The  /delete  parameter  removes  a  print  job  from  a  print 
queue. 

if  you  specify  a  job  number,  but  do  not  specify  any  action, 
information  about  the  print  job  is  displayed. 

help 

Displays  help  for  the  Net  print  command. 

remarks 


Net  print  \\  displays  information  about  print  jobs  in  a  shared  printer  queue.  The  following  is  an  example  of  a  report  for  all 
print  jobs  in  a  queue  for  a  shared  printer  named  LASER: 

printers  at  WPRODUCTION  Name  Dob  #  Size  Status  . -  LASER  Queue  3  jobs 

♦printer  active*  USER1  84  93844  printing  USER2  85  12555  Waiting  USER3  86  10222  Waiting 

The  following  is  an  example  of  a  report  for  a  print  job: 

Dob  #  35  Status  Waiting  Size  3096  remark  Submitting  user  USER2  Notify  USER2  Dob  data  type  Dob  parameters 
additional  info 

##  Examples  This  example  shows  how  to  list  the  contents  of  the  Dotmatrix  print  queue  on  the  WProduction  computer: 

Net  print  \\Production\Dotmatrix  This  example  shows  how  to  display  information  about  job  number  35  on  the 
WProduction  computer:  Net  print  WProduction  35  This  example  shows  how  to  delay  job  number  263  on  the 
WProduction  computer:  Net  print  WProduction  263  /hold  This  example  shows  how  to  release  job  number  263  on 
the  WProduction  computer:  Net  print  WProduction  263  /release  ####  additional  references  Command-Line  Syntax 
Key  print  Command  Reference 


nf  sad  min 

10/17/2017  •  8  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

You  can  use  nfsadmin  to  manage  Server  for  NFS  and  Client  for  NFS. 

Syntax 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  -I 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  -r  {  client  |  all  } 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  {  start  |  stop  } 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  config  Option  [...] 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  creategroup  Name 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  listgroups 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  deletegroup  Name 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  renamegroup  OldName  NewName 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  addmembers  Name  Host  [...] 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  listmembers 

nfsadmin  server  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  deletemembers  Group  Host  [...] 

nfsadmin  client  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  {  start  |  stop  } 

nfsadmin  client  [  computerName  ]  [  -u  UserName  [  -p  Password  ]]  config  Option  [...] 

Description 

The  nfsadmin  command-line  utility  administers  Server  for  NFS  or  Client  for  NFS  on  the  local  or  remote 
computer  running  Microsoft  Services  for  Network  File  System  (NFS).  If  you  are  logged  on  with  an  account  that 
does  not  have  the  required  privileges,  you  can  specify  a  user  name  and  password  of  an  account  that  does.  The 
action  performed  by  nfsadmin  depends  on  the  command  arguments  you  supply. 

In  addition  to  service-specific  command  arguments  and  options,  nfsadmin  accepts  the  following: 

computerName 

Specifies  the  remote  computer  you  want  to  administer.  You  can  specify  the  computer  using  a  Windows  Internet 
Name  Service  (WINS)  name  or  a  Domain  Name  System  (DNS)  name,  or  by  Internet  Protocol  (IP)  address. 

-u  UserName 

Specifies  the  user  name  of  the  user  whose  credentials  are  to  be  used.  It  might  be  necessary  to  add  the  domain 
name  to  the  user  name  in  the  form  domain\UserName 

-p  Password 

Specifies  the  password  of  the  user  specified  using  the  -u  option.  If  you  specify  the  -u  option  but  omit  the  -p  option, 


you  are  prompted  for  the  user's  password. 

Administering  Server  for  NFS 

Use  the  nfsadmin  server  command  to  administer  Server  for  NFS.  The  specific  action  that  nfsadmin  server  takes 
depends  on  the  command  option  or  argument  you  specify: 

-I 

lists  all  locks  held  by  clients. 

-r  {client  |  all} 

Releases  the  locks  held  by  a  client  or,  if  all  is  specified,  by  all  clients. 

start 

starts  the  Server  for  NFS  service. 

stop 

Stops  the  S  er ver  for  NFS  service. 

config 

Specifies  general  settings  for  Server  for  NFS.  You  must  supply  at  least  one  of  the  following  options  with  the 
config  command  argument: 

mapsvr =server 

Sets  server  as  the  User  Name  Mapping  server  for  Server  for  NFS.  Although  this  option  continues  to  be  supported 
for  compatibility  with  previous  versions,  you  should  use  the  sfuadmin  utility  instead. 

auditlocation={eventlog  |  file  |  both  |  none} 

Specifies  whether  events  will  be  audited  and  where  the  events  will  be  recorded.  One  of  the  following  arguments  is 
required. 

eventlog 

Specifies  that  audited  events  will  be  recorded  only  in  the  Event  Viewer  application  log. 

file 

Specifies  that  audited  events  will  be  recorded  only  in  the  file  specified  by  config  fname. 
both 

Specifies  that  audited  events  will  be  recorded  in  the  Event  Viewer  application  log  as  well  as  the  file  specified  by 

config  fname. 

none 

Specifies  that  events  will  not  be  audited. 

fnam  e=file 

Sets  the  file  specified  by  file  as  the  audit  file.  The  default  is  %sfudir%\log\nfssvr.log 
fsize  =  =size 

Sets  size  as  the  maximum  size  in  megabytes  of  the  audit  file.  The  default  maximum  size  is  7  MB. 

audit=[+|-]mount  [+ 1 -] read  [+|-]write  [+|-]create  [  +  |-]delete  [+|-]locking  [+|-]all 

Specifies  the  events  to  be  logged.  To  start  logging  an  event,  type  a  plus  sign  (+)  before  the  event  name;  to  stop 
logging  an  event,  type  a  minus  sign  (-)  before  the  event  name.  If  the  sign  is  omitted,  the  plus  sign  is  assumed.  Do 
not  use  all  with  any  other  event  name. 

lockperiod  =seconds 

Specifies  the  number  of  seconds  that  Server  for  NFS  will  wait  to  reclaim  locks  after  a  connection  to  Server  for 
NFS  has  been  lost  and  then  reestablished  or  after  the  Server  for  NFS  service  has  been  restarted. 

Portmapprotocol  =  {TCP  |  UDP  |  TCP  +  UDP 

Specifies  which  transport  protocols  Portmap  supports.  The  default  setting  is  TCP  +  U  DP. 


mountprotocoMTCP  |  UDP  |  TCP  +  UDP} 

Specifies  which  transport  protocols  mount  supports.  The  default  setting  is  TCP  +  UDP. 
nfsprotocol  =  {TCP  |  UDP  |  TCP  +  UDP} 

Specifies  which  transport  protocols  Network  File  System  (NFS)  supports.  The  default  setting  is  TCP  +  UDP 
nlmprotocol  =  {TCP  |  UDP  |  TCP  +  UDP} 

Specifies  which  transport  protocols  Network  Lock  Manager  (NLM)  supports.  The  default  setting  is  TCP  +  UDP. 
nsmprotocoMTCP  |  UDP  |  TCP  +  UDP} 

Specifies  which  transport  protocols  Network  Status  Manager  (NSM)  supports.  The  default  setting  is  TCP  +  U  DP. 

enableV3={yes  |  no} 

Specifies  whether  NFS  version  3  protocols  will  be  supported.  The  default  setting  is  yes. 
renewauth={yes  |  no} 

Specifies  whether  client  connections  will  be  required  to  be  reauthenticated  after  the  period  specified  by  config 
renewauthinterval.  The  default  setting  is  no. 

renewauthinterval  =seconds 

Specifies  the  number  of  seconds  that  elapse  before  a  client  is  forced  to  be  reauthenticated  if  config  renewauth  is 
set  to  yes.  The  default  value  is  600  seconds. 

dircache=stze 

Specifies  the  size  in  kilobytes  of  the  directory  cache.  The  number  specified  as  size  must  be  a  multiple  of  4  between 
4  and  1 28.  The  default  directory-cache  size  is  1 28  KB. 

translationfile  =  [file] 

Specifies  a  file  containing  mapping  information  for  replacing  characters  in  the  names  of  files  when  moving  them 
from  Windows-based  to  U  N  IX-based  file  systems.  If  file  is  not  specified,  then  file  name  character  translation  is 
disabled.  If  the  value  of  translationfile  is  changed,  you  must  restart  the  server  for  the  change  to  take  effect. 

dotfileshidden  =  {yes  |  no} 

Specifies  whether  files  that  are  created  with  names  beginning  with  a  period  (.)  will  be  marked  as  hidden  in  the 
Windows  file  system  and  consequently  hidden  from  NFS  clients.  The  default  setting  is  no. 

casesensitivelookups={yes  |  no} 

Specifies  whether  directory  lookups  will  be  case  sensitive  (requiring  exact  matching  of  character  case). 

You  also  need  to  disable  Windows  kernel  case-insensitivity  in  order  for  Server  for  NFS  to  support  case-sensitive 
file  names.  You  can  disable  Windows  kernel  case-insensitivity  by  clearing  the  following  registry  key  to  0: 

HKLM\SYSTEM\CurrentControlSet\Control\Session  Manager\kernel 

DWOrd  obcaseinsensitive 

IMPORTANT 

This  section  applies  only  to  Windows  Server  2008  R2,  Windows  Server  2008,  and  Windows  Server  2003.  This  section  does 
not  apply  to  Windows  Server  2012  R2  or  Windows  Server  2012. 


ntfscase={lower  |  upper  |  preserve} 

Specifies  whether  the  case  of  characters  in  the  names  of  files  in  the  NTFS  file  system  will  be  returned  in  lowercase, 
uppercase,  or  in  the  form  stored  in  the  directory.  The  default  setting  is  preserve.  This  setting  cannot  be  changed  if 

casesensitivelookups  is  set  to  yes. 

creategroup  name 

creates  a  new  client  group,  giving  it  the  specified  name. 


listgroups 

Displays  the  names  of  all  client  groups. 

deletegroup  name 

removes  the  client  group  specified  by  name. 
renamegroup  OldName  NewName 

changes  the  name  of  the  client  group  specified  by  OldName  to  NewName 

addmembers  Name  Host[...] 

adds  Host  to  the  client  group  specified  by  Name. 

listmembers  Name 

lists  the  host  computers  in  the  client  group  specified  by  Name. 
deletemembers  Group  Host[...] 

removes  the  client  specified  by  Host  from  the  client  group  specified  by  Group. 

if  you  do  not  specify  a  command  option  or  argument,  nfsadmin  server  displays  the  current  Server  for  NFS 
configuration  settings. 

Administering  Client  for  NFS 

Use  the  nfsadmin  client  command  to  administer  Client  for  NFS.  The  specific  action  that  nfsadmin  client  takes 
depends  on  the  command  argument  you  specify: 

start 

starts  the  Client  for  NFS  service. 

stop 

Stops  the  Client  for  NFS  service. 

config 

Specifies  general  settings  for  Client  for  NFS.  You  must  supply  at  least  one  of  the  following  options  with  the  config 
command  argument: 

fileaccess=mocfe 

•  Specifies  the  default  permission  mode  for  files  created  on  Network  File  System  (NFS)  servers.  The  mode 

argument  consists  of  a  three  digits  from  0  to  7  (inclusive)  representing  the  default  permissions  granted  the  user, 
group,  and  others  (respectively).  The  digits  translate  to  UNIX-style  permissions  as  follows:  0  =  none,  1  =x,  2=w, 
3=wx,  4  =  r,  5  =  rx,  6  =  rw,  and  7  =  rwx.  For  example,  fileaccess=750  gives  rwx  permission  to  the  owner,  rx 
permission  to  the  group,  and  no  access  permission  to  others. 

mapsvr =server 

Sets  server  as  the  User  Name  Mapping  server  for  Client  for  NFS.  Although  this  option  continues  to  be  supported 
for  compatibility  with  previous  versions,  you  should  use  the  sfuadmin  utility  instead. 

mtype={hard  |  soft} 

Specifies  the  default  mount  type.  For  a  hard  mount,  Client  for  NFS  continues  to  retry  a  failed  RPC  until  it  succeeds. 
For  a  soft  mount,  Client  for  NFS  returns  failure  to  the  calling  application  after  retrying  the  call  the  number  of  times 
specified  by  the  retry  option. 

retry -number 

Specifies  the  number  of  times  to  try  to  make  a  connection  for  a  soft  mount.  This  value  must  be  from  1  to  1 0, 
inclusive.  The  default  is  1 . 

timeout=seconc/s 

Specifies  the  number  of  seconds  to  wait  for  a  connection  (remote  procedure  call).  This  value  must  be  0.8,  0.9,  or  an 
integer  from  1  to  60,  inclusive.  The  default  is  0.8. 


Protocol  ={TCP  |  UDP  |  TCP  +  UDP} 

Specifies  which  transport  protocols  the  client  supports.  The  default  setting  is  TCP  +  U  DP 
rsize =size 

Specifies  the  size,  in  kilobytes,  of  the  read  buffer.  This  value  can  be  0.5, 1, 2, 4,  8, 1 6,  or  32.  The  default  is  32. 
wsize  =size 

Specifies  the  size,  in  kilobytes,  of  the  write  buffer.  This  value  can  be  0.5, 1, 2, 4,  8, 1 6,  or  32.  The  default  is  32. 

perf=default 

Restores  the  following  performance  settings  to  default  values: 

•  mtype 

•  retry 

•  timeout 

•  rsize 

•  wsize 

fileaccess=mocfe 

Specifies  the  default  permission  mode  for  files  created  on  Network  File  System  (NFS)  servers.  The  mode 
argument  consists  of  a  three  digits  from  0  to  7  (inclusive)  representing  the  default  permissions  granted  the  user, 
group,  and  others  (respectively).  The  digits  translate  to  UNIX-style  permissions  as  follows:  0  =  none,  1  =x,  2=w, 
3=wx,  4  =  r,  5  =  rx,  6  =  rw,  and  7  =  rwx.  For  example,  fileaccess=750  gives  rwx  permission  to  the  owner,  rx  permission 
to  the  group,  and  no  access  permission  to  others. 


if  you  do  not  specify  a  command  option  or  argument,  nfsadmin  client  displays  the  current  Client  for  NFS 
configuration  settings. 


nfsshare 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 

You  can  use  nfsshare  to  control  Network  File  System  (NFS)  shares. 

Syntax 

nfsshare  <ShareName>=<Drive:Path>  [-o  <Option=value> . . . ] 
nfsshare  {<ShareName>  |  <Drive> : <Path>  |  *  }  /delete 

Description 

Without  arguments,  the  nfsshare  command-line  utility  lists  all  Network  File  System  (NFS)  shares  exported  by 

Server  for  NFS.  With  ShareName  as  the  only  argument,  nfsshare  lists  the  properties  of  the  NFS  share  identified 
by  ShareName.  When  ShareName  and  Drive:Path  are  provided,  nfsshare  exports  the  folder  identified  by 

DriveiPath  as  ShareName.  When  the  /delete  option  is  used,  the  specified  folder  is  no  longer  made  available  to 

NFS  clients. 

Options 

The  nfsshare  command  accepts  the  following  options  and  arguments: 

TERM 

DEFINITION 

-o  anon={yes 

no} 

-o  rw[=  <  Host>  [:]...] 

Provides  read-write  access  to  the  shared  directory  by  the 
hosts  or  client  groups  specified  by  Host.  Separate  host  and 
group  names  with  a  colon  (:).  If  Host  is  not  specified,  all  hosts 
and  client  groups  (except  those  specified  with  the  ro  option) 
have  read-write  access.  If  neither  the  ro  nor  the  rw  option  is 
set,  all  clients  have  read-write  access  to  the  shared  directory. 

-o  ro[=  <  Host > [:]...] 

Provides  read-only  access  to  the  shared  directory  by  the  hosts 
or  client  groups  specified  by  Host.  Separate  host  and  group 
names  with  a  colon  (:).  If  Host  is  not  specified,  all  clients 
(except  those  specified  with  the  rw  option)  have  read-only 
access.  If  the  ro  option  is  set  for  one  or  more  clients,  but  the 
rw  option  is  not  set,  only  the  clients  specified  with  the  ro 
option  have  access  to  the  shared  directory. 

-o  encoding={big5 

euc-jp 

-o  anongid=<gid> 

Specifies  that  anonymous  (unmapped)  users  will  access  the 
share  directory  using  gid  as  their  group  identifier  (GID).  The 
default  is  -2.  The  anonymous  GID  will  be  used  when  reporting 
the  owner  of  a  file  owned  by  an  unmapped  user,  even  if 
anonymous  access  is  disabled. 

TERM 


DEFINITION 


-o  anonuid=<uid> 

Specifies  that  anonymous  (unmapped)  users  will  access  the 
share  directory  using  uid  as  their  user  identifier  (UID).  The 
default  is  -2.  The  anonymous  UID  will  be  used  when  reporting 
the  owner  of  a  file  owned  by  an  unmapped  user,  even  if 
anonymous  access  is  disabled. 

-o  root[=<Host>  [:]...] 

Provides  root  access  to  the  shared  directory  by  the  hosts  or 
client  groups  specified  by  Host.  Separate  host  and  group 
names  with  a  colon  (:).  If  Host  is  not  specified,  all  clients  have 
root  access.  If  the  root  option  is  not  set,  no  clients  have  root 
access  to  the  shared  directory. 

/delete 

If  ShareName  or  Drive:Path  is  specified,  deletes  the  specified 
share.  If  *  is  specified,  deletes  all  NFS  shares. 

NOTE 

To  view  the  complete  syntax  for  this  command,  at  a  command  prompt,  type: 

>  nfsshare  /? 


# 

Services  for  Network  File  System  Command  Reference  See  Also 


nfsstat 

4/13/2018  •  1  min  to  read  •  Edit  Online 


You  can  use  nfsstat  to  display  or  reset  counts  of  calls  made  to  Server  for  NFS. 

Syntax 

nfsstat  [-z] 


Description 

When  used  without  the  -z  option,  the  nfsstat  command-line  utility  displays  the  number  of  NFS  V 2,  NFS  V3,  and 
Mount  V3  calls  made  to  the  server  since  the  counters  were  set  to  0,  either  when  the  service  started  or  when  the 
counters  were  reset  using  nfsstat  -z. 


nlbmgr 

4/13/2018  •  1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Using  Network  Load  Balancing  Manager,  you  can  configure  and  manage  your  Network  Load  Balancing  clusters 
and  all  cluster  hosts  from  a  single  computer,  and  you  can  also  replicate  the  cluster  configuration  to  other  hosts.  You 
can  start  Network  Load  Balancing  Manager  from  the  command-line  using  the  command  nlbmgr.exe,  which  is 
installed  in  the  systemroot\System32  folder. 

Syntax 

nlbmgr  [/help]  [/noping] 

[/hostlist  <filename>]  [/autorefresh  <interval>] 

Parameters 

PARAMETER 

DESCRIPTION 

/help 

Displays  help  at  the  command  prompt. 

/noping 

Prevents  Network  Load  Balancing  Manager  from  pinging  the 
hosts  prior  to  trying  to  contact  them  through  Windows 
Management  Instrumentation  (WMI).  Use  this  option  if  you 
have  disabled  Internet  Control  Message  Protocol  (ICMP)  on  all 
available  network  adapters.  If  Network  Load  Balancing 

Manager  attempts  to  contact  a  host  that  is  not  available,  you 
will  experience  a  delay  when  using  this  option. 

/hostlist 

Loads  the  hosts  specified  in  filename  into  Network  Load 

Balancing  Manager. 

/autorefresh 

Causes  Network  Load  Balancing  Manager  to  refresh  its  host 
and  cluster  information  every  seconds.  If  no  interval  is 
specified,  the  information  is  refreshed  every  60  seconds. 

/? 

Displays  help  at  the  command  prompt. 

additional  references 


•  Command-Line  Syntax  Key 


nslookup 

1 0/1 7/2017  •  5  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Displays  information  that  you  can  use  to  diagnose  Domain  Name  System  (DNS)  infrastructure.  Before  using  this 
tool,  you  should  be  familiar  with  how  DNS  works.  The  nslookup  command-line  tool  is  available  only  if  you  have 
installed  the  TCP/IP  protocol. 


Syntax 


nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 

nslookup 


[c-SubCommand  ...>]  [{<computerTofind>  |  -<Server>}] 

/exit 

/finger  [<UserName>]  [{[>]  <FileName> | [>>]  <FileName>}] 

/{help  |  ?} 

/Is  [<0ption>]  <DNSDomain>  [{[>]  <FileName> | [>>]  <FileName>}] 
/lserver  <DNSDomain> 

/root 

/server  <DNSDomain> 

/set  <KeyWord>[=<Value>] 

/set  all 

/set  class=<Class> 

/set  [no]d2 

/set  [no]debug 

/set  [no]defname 

/set  domain=<DomainName> 

/set  [no]ignore 
/set  port=<Port> 

/set  querytype=<ResourceRecordtype> 

/set  [no]recurse 
/set  retry=<Number> 

/set  root=<RootServer> 

/set  [no]search 

/set  srchlist=<DomainName>[/ . . . ] 

/set  timeout=<Number> 

/set  type=<ResourceRecordtype> 

/set  [no]vc 
/view  <FileName> 


Parameters 


PARAMETER 

DESCRIPTION 

nslookup  exit  Command 

exits  nslookup. 

nslookup  finger  Command 

Connects  with  the  finger  server  on  the  current  computer. 

nslookup  help 

Displays  a  short  summary  of  nslookup  subcommands. 

nslookup  Is 

lists  information  for  a  DNS  domain. 

nslookup  lserver 

changes  the  default  server  to  the  specified  DNS  domain. 

PARAMETER 


DESCRIPTION 


nslookup  root 

changes  the  default  server  to  the  server  for  the  root  of  the 
DNS  domain  name  space. 

nslookup  server 

changes  the  default  server  to  the  specified  DNS  domain. 

nslookup  set 

changes  configuration  settings  that  affect  how  lookups 
function. 

nslookup  set  all 

prints  the  current  values  of  the  configuration  settings. 

nslookup  set  class 

changes  the  query  class.  The  class  specifies  the  protocol  group 
of  the  information. 

nslookup  set  d2 

Turns  exhaustive  Debugging  mode  on  or  off.  All  fields  of  every 
packet  are  printed. 

nslookup  set  debug 

Turns  Debugging  mode  on  or  off. 

nslookup  /set  defname 

appends  the  default  DNS  domain  name  to  a  single  component 
lookup  request.  A  single  component  is  a  component  that 
contains  no  periods. 

nslookup  set  domain 

changes  the  default  DNS  domain  name  to  the  name  specified. 

nslookup  /set  ignore 

Ignores  packet  truncation  errors. 

nslookup  set  port 

changes  the  default  TCP/UDP  DNS  name  server  port  to  the 
value  specified. 

nslookup  set  querytype 

changes  the  resource  record  type  for  the  query. 

nslookup  set  recurse 

Tells  the  DNS  name  server  to  query  other  servers  if  it  does  not 
have  the  information. 

nslookup  set  retry 

Sets  the  number  of  retries. 

nslookup  set  root 

changes  the  name  of  the  root  server  used  for  queries. 

nslookup  set  search 

appends  the  DNS  domain  names  in  the  DNS  domain  search 
list  to  the  request  until  an  answer  is  received.  This  applies 
when  the  set  and  the  lookup  request  contain  at  least  one 
period,  but  do  not  end  with  a  trailing  period. 

nslookup  set  srchlist 

changes  the  default  DNS  domain  name  and  search  list. 

nslookup  set  timeout 

changes  the  initial  number  of  seconds  to  wait  for  a  reply  to  a 
request. 

nslookup  set  type 

changes  the  resource  record  type  for  the  query. 

nslookup  set  vc 

Specifies  to  use  or  not  use  a  virtual  circuit  when  sending 
requests  to  the  server. 

PARAMETER 


DESCRIPTION 


nslookup  view 


sorts  and  lists  the  output  of  the  previous  Is  subcommand  or 
commands. 


remarks 

•  if  computerTofind  is  an  I P  address  and  the  query  is  for  an  A  or  PTR  resource  record  type,  the  name  of  the 
computer  is  returned.  If  computerTofind  is  a  name  and  does  not  have  a  trailing  period,  the  default  DNS  domain 
name  is  appended  to  the  name.  This  behavior  depends  on  the  state  of  the  following  set  subcommands: 

domain,  srchlist,  defname,  and  search. 

•  if  you  type  a  hyphen  (-)  instead  of  computerTofind,  the  command  prompt  changes  to  nslookup  interactive 
mode. 

•  The  command-line  length  must  be  less  than  256  characters. 

•  nslookup  has  two  modes:  interactive  and  noninteractive,  if  you  need  to  look  up  only  a  single  piece  of  data,  use 
noninteractive  mode.  For  the  first  parameter,  type  the  name  or  IP  address  of  the  computer  that  you  want  to  look 
up.  For  the  second  parameter,  type  the  name  or  IP  address  of  a  DNS  name  server.  If  you  omit  the  second 
argument,  nslookup  uses  the  default  DNS  name  server,  if  you  need  to  look  up  more  than  one  piece  of  data, 
you  can  use  interactive  mode,  type  a  hyphen  (-)  for  the  first  parameter  and  the  name  or  IP  address  of  a  DNS 
name  server  for  the  second  parameter.  Or,  omit  both  parameters  and  nslookup  uses  the  default  DNS  name 
server.  Following  are  some  tips  about  working  in  interactive  mode: 

o  To  interrupt  interactive  commands  at  any  time,  press  CTRL  +  B. 
o  To  exit,  type  exit. 

o  To  treat  a  built-in  command  as  a  computer  name,  precede  it  with  the  escape  character  (\). 
o  An  unrecognized  command  is  interpreted  as  a  computer  name. 

•  if  the  lookup  request  fails,  nslookup  prints  an  error  message.  The  following  table  lists  possible  error  messages. 

|Error  message|Description|  | . | . — |  |  timed  out  |The  server  did  not  respond  to  a  request  after  a 

certain  amount  of  time  and  a  certain  number  of  retries.  You  can  set  the  time-out  period  with  the  set  timeout 
subcommand.  You  can  set  the  number  of  retries  with  the  set  retry  subcommand.!  |  No  response  from  server  |No 
DNS  name  server  is  running  on  the  server  computer.!  I  No  records  |The  DNS  name  server  does  not  have 
resource  records  of  the  current  query  type  for  the  computer,  although  the  computer  name  is  valid.  The  query 
type  is  specified  with  the  set  querytype  command.!  I  Nonexistent  domain  |The  computer  or  DNS  domain  name 
does  not  exist.!  !  Connection  refused 


-or- 


Network  is  unreachable  |The  connection  to  the  DNS  name  server  or  finger  server  could  not  be  made.  This  error 
commonly  occurs  with  Is  and  finger  requests.!  I  server  failure  |The  DNS  name  server  found  an  internal 
inconsistency  in  its  database  and  could  not  return  a  valid  answer.!  I  Refused  |The  DNS  name  server  refused  to 
servicetherequest.il  format  error  |The  DNS  name  server  found  that  the  request  packet  was  not  in  the  proper 
format.  It  may  indicate  an  error  in  nslookup. | 

•  for  more  information  about  the  nslookup  command  and  DNS,  see  the  following  resources: 

o  Lee,  T„  Davies,  J.  2000.  Microsoft  Windows  2000  TCP/IP  Protocols  and  Services  Technical  Reference. 
Redmond,  Washington:  Microsoft  Press. 

o  Albitz,  P,  Loukides,  M.  and  C.  Liu.  2001 .  DNS  and  BIND,  Fourth  edition.  Sebastopol,  California:  O'Reilly 
and  associates,  Inc. 

o  Larson,  M.  and  C.  Liu.  2001 .  DNS  on  Windows  2000.  Sebastopol,  California:  O'Reilly  and  associates,  Inc. 
####  Examples  Each  command-line  option  consists  of  a  hyphen  (-)  followed  immediately  by  the 
command  name  and,  in  some  cases,  an  equal  sign  (=)  and  then  a  value.  For  example,  to  change  the 
default  query  type  to  host  (computer)  information  and  the  initial  time-out  to  1 0  seconds,  type:  nslookup 


-querytype=hinfo  -timeout=10  ##  See  Also  Command-Line  Syntax  Key 


nslookup  exit  Command 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Exits  nslookup. 

Syntax 

Nslookup  /exit 


Parameters 

PARAMETER  DESCRIPTION 

{help  ?} 


Additional  references 

Command-Line  Syntax  Key 


nslookup  finger  Command 

4/13/2018  •  1  min  to  read  •  EditOnline 

Connects  with  the  finger  server  on  the  current  computer. 

Syntax 

finger  [<UserName>]  [{[>]  <FileName> | [>>]  <FileName>}] 

Parameters 

PARAMETER 

DESCRIPTION 

<UserName> 

Specifies  the  name  of  the  user  to  look  up. 

<FileName> 

Specifies  a  file  name  in  which  to  save  the  output.  You  can  use 
the  greater  than  (>)  and  double  greater  than  (>>)  characters 
to  redirect  the  output  in  the  usual  manner. 

{help 

?} 

Additional  references 

Command-Line  Syntax  Key 


nslookup  help 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  a  short  summary  of  nslookup  subcommands. 

Syntax 

{help  |  ?} 


Parameters 

PARAMETER  DESCRIPTION 

{help  ?} 


Additional  references 

Command-Line  Syntax  Key 


nslookup  Is 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 


Lists  information  for  a  Domain  Name  System  (DNS)  domain. 

Syntax 

Is  [<0ption>]  <DNSDomain>  [{[>]  <FileName> | [ >>]  <FileName>}] 


Parameters 

PARAMETER  DESCRIPTION 

The  following  table  lists  valid  options. 

-  -t:  lists  all  records  of  the  specified  type.  For  a  description  of, 
see  setquerytype  in  additional  references. 

-  -a:  lists  aliases  of  computers  in  the  DNS  domain.  This 
parameter  is  a  synonym  for  -t  CNAME 

-  -d:  lists  all  records  for  the  DNS  domain.  This  parameter  is  a 
synonym  for  -t  ANY 

-  -h:  lists  CPU  and  operating  system  information  for  the  DNS 
domain.  This  parameter  is  a  synonym  for  -t  HINFO 

-  -s:  lists  well-known  services  of  computers  in  the  DNS 
domain.  This  parameter  is  a  synonym  for  -t  WKS. 


Specifies  the  DNS  domain  for  which  you  want  information. 


Specifies  a  file  name  in  which  to  save  the  output.  You  can  use 
the  greater  than  (>)  and  double  greater  than  (>>)  characters 
to  redirect  the  output  in  the  usual  manner. 


{help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


remarks 

•  The  default  output  contains  computer  names  and  their  IP  addresses.  When  output  is  directed  to  a  file,  hash 
marks  are  printed  for  every  50  records  received  from  the  server  ##  additional  references  Command-Line 
Syntax  Key  nslookup  set  querytype 


nslookup  Iserver 

1 0/1 7/2017  *1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  default  server  to  the  specified  Domain  Name  System  (DNS)  domain. 

Syntax 

Iserver  <DNSDomain> 


Parameters 

PARAMETER  DESCRIPTION 

Specifies  the  new  DNS  domain  for  the  default  server. 

{help  |  ?}  Displays  a  short  summary  of  nslookup  subcommands. 

remarks 

•  The  Iserver  command  uses  the  initial  server  to  look  up  the  information  about  the  specified  DNS  domain.  This 
is  in  contrast  to  the  server  command,  which  uses  the  current  default  server.  ##  additional  references 
Command-Line  Syntax  Key  nslookup  server 


nslookup  root 

1 0/1 7/2017  *1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  default  server  to  the  server  for  the  root  of  the  Domain  Name  System  (DNS)  domain  name  space. 

Syntax 

root 

Parameters 


PARAMETER 

DESCRIPTION 

{help  |  ?} 

Displays  a  short  summary  of  nslookup  subcommands. 

remarks 

•  Currently,  the  ns.nic.ddn.mil  name  server  is  used.  This  command  is  a  synonym  for  Iserver  ns.nic.ddn.mil.  You 
can  change  the  name  of  the  root  server  with  the  set  root  command.  ##  additional  references  Command-Line 
Syntax  Key  nslookup  set  root 


nslookup  server 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  default  server  to  the  specified  Domain  Name  System  (DNS)  domain. 

Syntax 

server  <DNSDomain> 


Parameters 

PARAMETER  DESCRIPTION 

Required.  Specifies  the  new  DNS  domain  for  the  default  server, 
(help  |  ?}  Displays  a  short  summary  of  nslookup  subcommands. 

remarks 

•  The  server  command  uses  the  current  default  server  to  look  up  the  information  about  the  specified  DNS 
domain.  This  is  in  contrast  to  the  Iserver  command,  which  uses  the  initial  server.  ##  additional  references 
Command-Line  Syntax  Key  nslookup  Iserver 


nslookup  set 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


changes  configuration  settings  that  affect  how  lookups  function. 

Syntax 

set  <KeyWord>[=<Value>] 


Parameters 

PARAMETER  DESCRIPTION 

Identifies  subcommands  that  are  derived  from  the  set 
subcommand.  For  example,  the  subcommand  set  d2  has  a 
keyword  of  [no]d2.  For  the  list  of  subcommands  that  are 
derived  from  the  set  subcommand,  see  additional  references. 


Specifies  the  nslookup  configuration  setting  value  for  each 
subcommand. 


(help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


remarks 

Use  set  all  to  see  a  listing  of  the  current  settings. 

additional  references 


Command-Line  Syntax  Key  nslookup  set  all 


nslookup  set  all 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Prints  the  current  values  of  the  configuration  settings. 

Syntax 

set  all 


Parameters 

PARAMETER  DESCRIPTION 

{help  ?} 


Remarks 

•  Set  all  also  prints  information  about  the  default  server  and  computer  (that  is,  the  host). 


Additional  references 

Command-Line  Syntax  Key 


nslookup  set  class 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Changes  the  query  class.  The  class  specifies  the  protocol  group  of  the  information 

Syntax 

set  class=<Class> 

Parameters 


PARAMETER 

DESCRIPTION 

<Class> 

The  default  class  is  IN.  The  following  lists  the  valid  values  for 
this  command. 

-  IN:  Specifies  the  Internet  class. 

-  CHAOS:  Specifies  the  Chaos  class. 

-  HESIOD:  Specifies  the  MIT  Athena  Hesiod  class. 

-  ANY:  Specifies  any  of  the  previously  listed  wildcards. 

{help 

?} 

Additional  references 

Command-Line  Syntax  Key 


nslookup  set  d2 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Turns  exhaustive  Debugging  Mode  on 

Syntax 

or  off.  All  fields  of  every  packet  are  printed. 

set  [no]d2 

Parameters 

PARAMETER 

DESCRIPTION 

nod2 

Turns  off  exhaustive  Debugging  Mode.  The  default  syntax  is 

nod2. 

d2 

Turns  on  exhaustive  Debugging  Mode. 

{help 

?} 

Additional  references 

Command-Line  Syntax  Key 


nslookup  set  debug 

4/13/2018  •  1  min  to  read  •  EditOnline 

Turns  Debugging  Mode  on  or  off. 

Syntax 

set  [no]debug 

Parameters 

PARAMETER 

DESCRIPTION 

nodebug 

Turns  off  Debugging  Mode.  The  default  syntax  is  nodebug. 

debug 

Turns  on  Debugging  Mode. 

**{help 

?}** 

Remarks 

•  With  Debugging  Mode  turned  on,  more  information  is  printed  about  the  packet  sent  to  the  server  and  the 
resulting  answer. 

Additional  references 

Command-Line  Syntax  Key 


nslookup  set  domain 

1 0/1 7/2017  *1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  default  Domain  Name  System  (DNS)  domain  name  to  the  name  specified. 

Syntax 

set  domain=<DomainName> 


Parameters 

PARAMETER  DESCRIPTION 


Specifies  a  new  name  for  the  default  DNS  domain  name.  The 
default  domain  name  is  the  host  name. 


(help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


remarks 

•  The  default  DNS  domain  name  is  appended  to  a  lookup  request  depending  on  the  state  of  the  defname  and 
search  options.  The  DNS  domain  search  list  contains  the  parents  of  the  default  DNS  domain  if  it  has  at  least 
two  components  in  its  name.  For  example,  if  the  default  DNS  domain  is  mfg.widgets.com,  the  search  list  is 
named  both  mfg.widgets.com  and  widgets.com.  Use  the  set  srchlist  command  to  specify  a  different  list  and  the 
set  all  command  to  display  the  list.  ##  additional  references  Command-Line  Syntax  Key  nslookup  set  srchlist 
nslookup  set  all 


nslookup  set  port 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Changes  the  default  TCP/UDP  Domain  Name  System  (DNS)  name  server  port  to  the  value  specified 

Syntax 

set  port=<Port> 

Parameters 


PARAMETER 

DESCRIPTION 

<Port> 

Specifies  the  new  value  for  the  default  TCP/UDP  DNS  name 
server  port.  The  default  port  is  53. 

{help 

?} 

Additional  references 

Command-Line  Syntax  Key 

nslookup  set  querytype 

10/17/2017  •  1  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel), 

Windows  Server  2012 

Windows  Server  2016,  Windows  Server  2012  R2, 

changes  the  resource  record  type  for  the  query. 

Syntax 

set  querytype=<ResourceRecordtype> 

Parameters 

Specifies  a  DNS  resource  record  type.  The  default  resource  record  type  is  A.  The  following  table  lists  the  valid 

values  for  this  command. 

VALUE 

DESCRIPTION 

A 

Specifies  a  computer's  IP  address 

ANY 

Specifies  a  computer's  IP  address. 

CNAME 

Specifies  a  canonical  name  for  an  alias. 

GID 

Specifies  a  group  identifier  of  a  group  name. 

HINFO 

Specifies  a  computer's  CPU  and  type  of  operating  system. 

MB 

Specifies  a  mailbox  domain  name. 

MG 

Specifies  a  mail  group  member. 

MINFO 

Specifies  mailbox  or  mail  list  information. 

MR 

Specifies  the  mail  rename  domain  name. 

MX 

Specifies  the  mail  exchanger. 

NS 

Specifies  a  DNS  name  server  for  the  named  zone. 

PTR 

Specifies  a  computer  name  if  the  query  is  an  IP  address; 
otherwise,  specifies  the  pointer  to  other  information. 

SOA 

Specifies  the  start-of-authority  for  a  DNS  zone. 

TXT 

Specifies  the  text  information. 

VALUE 


DESCRIPTION 


UID 

Specifies  the  user  identifier. 

UINFO 

Specifies  the  user  information. 

WKS 

Describes  a  well-known  service. 

{help 

?} 

Displays  a  short  summary  of  nslookup  subcommands 

remarks 

•  The  set  type  command  performs  the  same  function  as  the  set  querytype  command. 

•  for  more  information  about  resource  record  types,  see  Request  for  Comment  (Rfc)  1035.  ##  additional 
references  Command-Line  Syntax  Key  nslookup  set  type 


nslookup  set  recurse 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Tells  the  Domain  Name  System  (DNS)  name  server  to  query  other  servers  if  it  does  not  have  the  information 

Syntax 

set  [no]recurse 

Parameters 


PARAMETER 

DESCRIPTION 

norecurse 

Stops  the  Domain  Name  System  (DNS)  name  server  from 
querying  other  servers  if  it  does  not  have  the  information. 

recurse 

Tells  the  Domain  Name  System  (DNS)  name  server  to  query 
other  servers  if  it  does  not  have  the  information.  The  default 
syntax  is  recurse. 

{help 

?) 

Additional  references 

Command-Line  Syntax  Key 

nslookup  set  retry 

1 0/1 7/2017  *1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

Sets  the  number  of  retries. 

Syntax 

set  retry=<Number> 


Parameters 

PARAMETER 


DESCRIPTION 

Specifies  the  new  value  for  the  number  of  retries.  The  default 
number  of  retries  is  4. 


{help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


remarks 

•  When  a  reply  to  a  request  is  not  received  within  a  certain  amount  of  time,  the  time-out  period  is  doubled  and 
the  request  is  resent.  The  retry  value  controls  how  many  times  a  request  is  resent  before  giving  up.  You  can 
change  the  time-out  period  with  the  set  timeout  subcommand.  ##  additional  references  Command-Line 
Syntax  Key  nslookup  set  timeout 


nslookup  set  root 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  name  of  the  root  server  used  for  queries. 

Syntax 


set  root=<RootServer> 


Parameters 

PARAMETER  DESCRIPTION 


Specifies  the  new  name  for  the  root  server.  The  default  value  is 
ns.nic.ddn.mil. 


(help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


remarks 

•  The  set  root  subcommand  affects  the  root  subcommand.  ##  additional  references  Command-Line  Syntax  Key 
nslookup  root 


nslookup  set  search 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Appends  the  Domain  Name  System  (DNS)  domain  names  in  the  DNS  domain  search  list  to  the  request  until  an 
answer  is  received.  This  applies  when  the  set  and  the  lookup  request  contain  at  least  one  period,  but  do  not  end 
with  a  trailing  period. 

Syntax 

set  [no]search 

Parameters 


PARAMETER 

DESCRIPTION 

nosearch 

Stops  appending  the  Domain  Name  System  (DNS)  domain 
names  in  the  DNS  domain  search  list  to  the  request. 

search 

Appends  the  Domain  Name  System  (DNS)  domain  names  in 
the  DNS  domain  search  list  to  the  request  until  an  answer  is 
received.  The  default  syntax  is  search. 

{help 

?} 

Additional  references 

Command-Line  Syntax  Key 

nslookup  set  srchlist 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


changes  the  default  Domain  Name  System  (DNS)  domain  name  and  search  list. 

Syntax 

Set  srchlist=<DomainName>[/. . . ] 


Parameters 

PARAMETER  DESCRIPTION 

Specifies  new  names  for  the  default  DNS  domain  and  search 
list.  The  default  domain  name  value  is  based  on  the  host 
name.  You  can  specify  a  maximum  of  six  names  separated  by 
slashes  (/). 


(help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


remarks 

•  The  set  srchlistcommand  overrides  the  default  DNS  domain  name  and  search  list  of  the  set  domain 
command.  Use  the  set  all  command  to  display  the  list.  ##  Examples  The  following  example  sets  the  DNS 
domain  to  mfg.widgets.com  and  the  search  list  to  the  three  names: 

set  srchiist=mfg. widgets.com/mrp2. widgets. com/widgets. com  ##  additional  references  Command-Line  Syntax 
Key  nslookup  set  domain  nslookup  set  all 


nslookup  set  timeout 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  initial  number  of  seconds  to  wait  for  a  reply  to  a  lookup  request. 

Syntax 

set  timeout=<Number> 


Parameters 

PARAMETER  DESCRIPTION 


Specifies  the  number  of  seconds  to  wait  for  a  reply.  The  default 
number  of  seconds  to  wait  is  5. 


(help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


remarks 

•  When  a  reply  to  a  request  is  not  received  within  the  specified  time  period,  the  time-out  is  doubled  and  the 
request  is  sent  again.  You  can  use  the  set  retry  command  to  control  the  number  of  retries.  ##  Examples  The 
following  example  sets  the  timeout  for  getting  a  response  to  2  seconds:  set  timeout=2  ##  additional  references 
Command-Line  Syntax  Key  nslookup  set  retry 


nslookup  set  type 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  resource  record  type  for  the  query. 

Syntax 

set  type=<ResourceRecordtype> 

Parameters 

Specifies  a  DNS  resource  record  type.  The  default  resource  record  type  is  A.  The  following  table  lists  the  valid 
values  for  this  command. 


VALUE 

DESCRIPTION 

A 

Specifies  a  computer's  IP  address 

ANY 

Specifies  a  computer's  IP  address. 

CNAME 

Specifies  a  canonical  name  for  an  alias. 

GID 

Specifies  a  group  identifier  of  a  group  name. 

HINFO 

Specifies  a  computer's  CPU  and  type  of  operating  system. 

MB 

Specifies  a  mailbox  domain  name. 

MG 

Specifies  a  mail  group  member. 

MINFO 

Specifies  mailbox  or  mail  list  information. 

MR 

Specifies  the  mail  rename  domain  name. 

MX 

Specifies  the  mail  exchanger. 

NS 

Specifies  a  DNS  name  server  for  the  named  zone. 

PTR 

Specifies  a  computer  name  if  the  query  is  an  IP  address; 
otherwise,  specifies  the  pointer  to  other  information. 

SOA 

Specifies  the  start-of-authority  for  a  DNS  zone. 

TXT 

Specifies  the  text  information. 

VALUE 


DESCRIPTION 


UID 

Specifies  the  user  identifier. 

UINFO 

Specifies  the  user  information. 

WKS 

Describes  a  well-known  service. 

{help 

?} 

Displays  a  short  summary  of  nslookup  subcommands 

remarks 

•  The  set  type  command  performs  the  same  function  as  the  set  querytype  command. 

•  for  more  information  about  resource  record  types,  see  Request  for  Comment  (Rfc)  1 035.  ##  additional 
references  Command-Line  Syntax  Key  nslookup  set  querytype 


nslookup  set  vc 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Specifies  to  use  or  not  use  a  virtual  circuit  when  sending  requests  to  the  server. 

Syntax 

set  [no]vc 

Parameters 


PARAMETER 

DESCRIPTION 

novc 

Specifies  to  never  use  a  virtual  circuit  when  sending  requests 
to  the  server.  The  default  is  novc. 

vc 

Specifies  to  always  use  a  virtual  circuit  when  sending  requests 
to  the  server. 

{help 

?} 

Additional  references 

Command-Line  Syntax  Key 

nslookup  view 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

sorts  and  lists  the  output  of  the  previous  Is  subcommand  or  commands. 

Syntax 


view  <FileName> 


Parameters 

PARAMETER  DESCRIPTION 


Specifies  the  name  of  the  file  containing  output  from  the 
previous  Is  subcommand  or  commands. 


(help  |  ?} 


Displays  a  short  summary  of  nslookup  subcommands. 


additional  references 

Command-Line  Syntax  Key 
nslookup  Is 


ntbackup 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


The  ntbackup  command  is  not  available  in  Windows  Vista  or  Windows  Server  2008.  Instead,  you  should  use  the 
wbadmin  command  and  subcommands  to  back  up  and  restore  your  computer  and  files  from  a  command  prompt. 

You  cannot  recover  backups  that  you  created  with  ntbackup  by  using  wbadmin.  However,  a  version  of  ntbackup 
is  available  as  a  download  for  Windows  Server  2008  and  Windows  Vista  users  who  want  to  recover  backups  that 
they  created  using  ntbackup.  This  downloadable  version  of  ntbackup  enables  you  to  perform  recoveries  only  of 
legacy  backups,  and  it  cannot  be  used  on  computers  running  Windows  Server  2008  or  Windows  Vista  to  create 
new  backups.  To  download  this  version  of  ntbackup,  see  https://go.microsoft.com/fwlink/?Linkid  =  8291 7. 

Additional  references 

Command-Line  Syntax  Key 

Wbadmin 


ntcmdprompt 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Runs  the  command  interpreter  Cmd.exe,  rather  than  Command.com,  after  running  a  Terminate  and  Stay 

Resident  (TSR)  or  after  starting  the  command  prompt  from  within  an  MS-DOS  application. 

Syntax 

ntcmdprompt 

Parameters 

PARAMETER  DESCRIPTION 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  When  Command.com  is  running,  some  features  of  Cmd.exe,  such  as  the  doskey  display  of  command  history, 
are  not  available.  If  you  would  prefer  to  run  the  Cmd.exe  command  interpreter  after  you  have  started  a 
Terminate  and  Stay  Resident  (TSR)  or  started  the  command  prompt  from  within  an  application  based  on  MS- 
DOS,  you  can  use  the  ntcmdprompt  command.  However,  keep  in  mind  that  the  TSR  may  not  be  available  for 
use  when  you  are  running  Cmd.exe.  You  can  include  the  ntcmdprompt  command  in  your  Config.nt  file  or 
the  equivalent  custom  startup  file  in  an  application's  program  information  file  (Pif).  ##  Examples  To  include 
ntcmdprompt  in  your  Config.nt  file,  or  the  configuration  startup  file  specified  in  the  Pif,  type:  ntcmdprompt 
##  additional  references 

•  Command-Line  Syntax  Key 


ntfrsutl 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Dumps  the  internal  tables,  thread,  and  memory  information  for  the  NT  File  Replication  Service  (NTFRS).  It  runs 
against  local  and  remote  servers.  The  recovery  setting  for  NTFRS  in  Service  Control  Manager  (SCM)  can  be 
critical  to  locating  and  keeping  IMPORTANT  log  events  on  the  computer.  This  tool  provides  a  convenient  method 
of  reviewing  those  settings. 

Syntax 

ntfrsutl [idtable [ configtable | inlog | out log] [< computer >] 

ntfrsutl [memory | threads | stage] [< computer >] 

ntfrsutl  ds[<computer>] 

ntfrsutl  [sets] [<computer>] 

ntfrsutl  [version] [<computer>] 

ntfrsutl  poll [/quickly [= [<N> ] ] ] [/slowly [=[<N>] ] ] [/now] [< computer >] 


Parameters 

PARAMETER 

DESCRIPTION 

idtable 

ID  table 

configtable 

FRS  configuration  table 

inlog 

Inbound  log 

outlog 

Outbound  log 

Specifies  the  computer. 

memory 

Memory  usage 

threads 

stage 

ds 

lists  the  NTFRS  service's  view  of  the  DS. 

sets 

Specifies  the  active  replica  sets 

version 

Specifies  the  API  and  NTFRS  service  versions. 

PARAMETER  DESCRIPTION 

poll  Specifies  the  current  polling  intervals. 

Parameters: 

•  /quickly[=[  ]]  (Polls  quickly) 

•  quickly  -  Polls  quickly  until  stable  configuration 
is  rectrieved 

•  quickly=  -  Polls  quickly  every  default  minutes. 

•  quickly=  -  Polls  quickly  every  N  minutes 

•  /slowly [=[  ]]  (Polls  slowly) 

•  slowly  -  Polls  slowly  until  stable  configuration  is 
retrieved 

•  slowly=  -  Polls  slowly  every  default  minutes 

•  slowly=  -  Polls  quickly  every  N  minutes 

•  /now  (Polls  now) 


/?  Displays  help  at  the  command  prompt. 


Examples 

To  determine  the  polling  interval  for  file  replication: 


C:\Program  Files\SupportTools>ntfrsutl  poll  wrkstn-1 


To  determine  the  current  NTFRS  application  program  interface  (API)  version: 
C:\Program  Files\SupportTools>ntfrsutl  version 


additional  references 


•  Command-Line  Syntax  Key 


openfiles 

4/1 3/2018  •  4  min  to  read  •  Edit  Online 


Enables  an  administrator  to  query,  display,  or  disconnect  files  and  directories  that  have  been  opened  on  a  system. 
Also  enables  or  disables  the  system  Maintain  Objects  List  global  flag. 

This  topic  includes  information  about  the  following  commands: 

•  openfiles  /disconnect 

•  openfiles /query 

•  openfiles /local 

openfiles  /disconnect 

Enables  an  administrator  to  disconnect  files  and  folders  that  have  been  opened  remotely  through  a  shared  folder. 

Syntax 

openfiles  /disconnect  [/s  <System>  [/u  [<Domain>\]<UserName>  [/p  [<Passwond>] ] ] ]  {[/id  <OpenFileID>]  |  [/a 
<AccessedBy>]  |  [/o  {read  |  write  |  read/write}]}  [/op  <0penFile>] 


Parameters 


PARAMETER 

DESCRIPTION 

/s  <  System  > 

Specifies  the  remote  system  to  connect  to  (by  name  or  IP 
address).  Do  not  use  backslashes.  If  you  do  not  use  the  /s 
option,  the  command  is  executed  on  the  local  computer  by 
default.  This  parameter  applies  to  all  files  and  folders  that  are 
specified  in  the  command. 

/u  [<Domain>] 

Executes  the  command  by  using  the  permissions  of  the 
specified  user  account.  If  you  do  not  use  the  /u  option,  system 
permissions  are  used  by  default. 

/p  [<Password>] 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  option.  If  you  do  not  use  the  /p  option,  a  password 
prompt  appears  when  the  command  is  executed. 

/id  <OpenFilelD> 

Disconnects  open  files  by  the  specified  file  ID.  The  wildcard 
character  (*)  can  be  used  with  this  parameter. 

Note:  You  can  use  the  openfiles  /query  command  to  find  the 
file  ID. 

/a  <  Accessed  By  > 

Disconnects  all  open  files  associated  with  the  user  name  that  is 
specified  in  the  AccessedBy  parameter.  The  wildcard  character 
(*)  can  be  used  with  this  parameter. 

/o  {read 

write 

/op  <OpenFile> 

Disconnects  all  open  file  connections  that  are  created  by  a 
specific  open  file  name.  The  wildcard  character  (*)  can  be  used 
with  this  parameter. 

PARAMETER 


DESCRIPTION 


/? 


Displays  help  at  the  command  prompt. 


Examples 

To  disconnect  all  open  files  with  the  file  ID  26843578,  type: 

openfiles  /disconnect  /id  26843578 


To  disconnect  all  open  files  and  directories  accessed  by  the  user  "hiropln,"  type: 

openfiles  /disconnect  /a  hiropln 


To  disconnect  all  open  files  and  directories  with  read/write  mode,  type: 

openfiles  /disconnect  /o  read/write 


To  disconnect  the  directory  with  the  Open  File  name  "C:\TestShare",  regardless  of  who  is  accessing  it,  type: 

openfiles  /disconnect  /a  *  /op  "c : \testshare\" 


To  disconnect  all  open  files  on  the  remote  computer  "srvmain"  that  are  being  accessed  by  the  user  "hiropln," 
regardless  of  their  ID,  type: 

openfiles  /disconnect  /s  srvmain  /u  maindom\hiropln  /id  * 


openfiles  /query 

Queries  and  displays  all  open  files. 

Syntax 

openfiles  /query  [/s  <System>  [/u  [<Domain>\]<UserName>  [/p  [<Password>] ] ] ]  [/fo  {TABLE  |  LIST  |  CSV}]  [ /nh ] 
[/v] 


Parameters 

PARAMETER 


DESCRIPTION 


/s  <System>  Specifies  the  remote  system  to  connect  to  (by  name  or  IP 

address).  Do  not  use  backslashes.  If  you  do  not  use  the  /s 
option,  the  command  is  executed  on  the  local  computer  by 
default.  This  parameter  applies  to  all  files  and  folders  that  are 
specified  in  the  command. 


/u  [<Domain>]  Executes  the  command  by  using  the  permissions  of  the 

specified  user  account.  If  you  do  not  use  the  /u  option,  system 
permissions  are  used  by  default. 


PARAMETER 


DESCRIPTION 


/p  [<Password>] 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  option.  If  you  do  not  use  the  /p  option,  a  password 
prompt  appears  when  the  command  is  executed. 

[/to  {TABLE 

LIST 

/nh 

Suppresses  column  header  in  the  output.  Valid  only  when  the 
/fo  parameter  is  set  to  TABLE  or  CSV. 

/v 

Specifies  that  detailed  information  be  displayed  in  the  output. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  query  and  display  all  open  files,  type: 

openfiles  /query 

To  query  and  display  all  open  files  in  table  format  without  headers,  type: 

openfiles  /query  /fo  table  /nh 

To  query  and  display  all  open  files  in  list  format  with  detailed  information,  type: 

openfiles  /query  /fo  list  /v 

To  query  and  display  all  open  files  on  the  remote  system  "srvmain"  by  using  the  credentials  for  the  user  "hiropln1 
on  the  "maindom"  domain,  type: 

openfiles  /query  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23 


NOTE 

In  this  example,  the  password  is  supplied  on  the  command  line.  To  prevent  displaying  the  password,  leave  out  the  /p  option. 
You  will  be  prompted  for  the  password,  which  will  not  be  echoed  to  the  screen. 


openfiles  /local 

Enables  or  disables  the  system  Maintain  Objects  List  global  flag.  If  used  without  parameters,  openfiles  /local 
displays  the  current  status  of  the  Maintain  Objects  List  global  flag. 

Syntax 

openfiles  /local  [on  |  off] 


Parameters 


PARAMETER 


DESCRIPTION 


[on  off] 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Enabling  the  Maintain  Objects  List  global  flag  may  slow  down  your  system. 

•  Changes  made  by  using  the  on  or  off  option  do  not  take  effect  until  you  restart  the  system. 

Examples 

To  check  the  current  status  of  the  Maintain  Objects  List  global  flag,  type: 

openfiles  /local 

By  default,  the  Maintain  Objects  List  global  flag  is  disabled,  and  the  following  output  is  displayed 
INFO:  The  system  global  flag  'maintain  objects  list'  is  currently  disabled. 

To  enable  the  Maintain  Objects  List  global  flag,  type: 

openfiles  /local  on 

The  following  message  is  displayed  when  the  global  flag  is  enabled: 

SUCCESS:  The  system  global  flag  'maintain  objects  list'  is  enabled. 

This  will  take  effect  after  the  system  is  restarted. 

To  disable  the  Maintain  Objects  List  global  flag,  type: 

openfiles  /local  off 

Additional  references 

Command-Line  Syntax  Key 


pagefileconfig 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


pagefileconfig  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  pagefileconfig. 


path 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sets  the  command  path  in  the  PATH  environment  variable  (the  set  of  directories  used  to  search  for  executable 
files).  If  used  without  parameters,  path  displays  the  current  command  path. 

For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 

path  [ [<Drive> : ]<Path>[; . . . ] [;%PATH%] ] 
path  ; 

Parameters 

PARAMETER 

DESCRIPTION 

[<  Drive> :] 

Specifies  the  drive  and  directory  to  set  in  the  command  path. 

' 

Separates  directories  in  the  command  path.  If  used  without 
other  parameters, ;  clears  the  existing  command  paths  from 
the  PATH  environment  variable  and  directs  Cmd.exe  to  search 
only  in  the  current  directory. 

%PATH% 

Appends  the  command  path  to  the  existing  set  of  directories 
listed  in  the  PATH  environment  variable. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  When  you  include  %PATH%  in  the  syntax,  Cmd.exe  replaces  it  with  the  command  path  values  found  in  the 
PATH  environment  variable,  eliminating  the  need  to  manually  enter  these  values  at  the  command  prompt. 

•  The  current  directory  is  always  searched  before  the  directories  specified  in  the  command  path. 

•  You  might  have  files  in  a  directory  that  share  the  same  file  name  but  have  different  extensions.  For  example, 
you  might  have  a  file  named  Accnt.com  that  starts  an  accounting  program  and  another  file  named  Accnt.bat 
that  connects  your  server  to  the  accounting  system  network. 

The  Windows  operating  system  searches  for  a  file  by  using  default  file  name  extensions  in  the  following 
order  of  precedence:  .exe,  .com,  .bat,  and  .cmd.  To  run  Accnt.bat  when  Accnt.com  exists  in  the  same  directory, 
you  must  include  the  .bat  extension  at  the  command  prompt. 

•  If  two  or  more  files  in  the  command  path  have  the  same  file  name  and  extension,  path  first  searches  for  the 
specified  file  name  in  the  current  directory.  Then  it  searches  the  directories  in  the  command  path  in  the  order 
that  they  are  listed  in  the  PATH  environment  variable. 

•  If  you  place  the  path  command  in  your  Autoexec.nt  file,  the  Windows  operating  system  automatically  appends 
the  specified  MS-DOS  subsystem  search  path  every  time  you  log  on  to  your  computer.  Cmd.exe  does  not  use 
the  Autoexec.nt  file.  When  started  from  a  shortcut,  Cmd.exe  inherits  the  environment  variables  set  in  My 
Computer/Properties/Advanced/Environment. 


Examples 

To  search  the  paths  C:\User\Taxes,  B:\User\lnvest,  and  B:\Bin  for  external  commands,  type: 


path  c :\user\taxes;b: \user\invest; b: \bin 


Additional  references 

Command-Line  Syntax  Key 


pathping 

1 0/1 7/2017  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Provides  information  about  network  latency  and  network  loss  at  intermediate  hops  between  a  source  and 
destination,  pathping  sends  multiple  echo  Request  messages  to  each  router  between  a  source  and  destination 
over  a  period  of  time  and  then  computes  results  based  on  the  packets  returned  from  each  router.  Because 
pathping  displays  the  degree  of  packet  loss  at  any  given  router  or  link,  you  can  determine  which  routers  or 
subnets  might  be  having  network  problems,  pathping  performs  the  equivalent  of  the  tracert  command  by 
identifying  which  routers  are  on  the  path.  It  then  sends  pings  periodically  to  all  of  the  routers  over  a  specified  time 
period  and  computes  statistics  based  on  the  number  returned  from  each.  Used  without  parameters,  pathping 
displays  help. 

Syntax 

pathping  [/n]  [ /h ]  [/g  <Hostlist>]  [/p  <Period>]  [/q  <NumQueries>  [/w  <timeout>]  [/i  <IPaddness>]  [/4  <IPv4>] 

[/6  <IPv6>] [<TangetName>] 


Parameters 

PARAMETER 


DESCRIPTION 


/n 

Prevents  pathping  from  attempting  to  resolve  the  IP 
addresses  of  intermediate  routers  to  their  names.  This  might 
expedite  the  display  of  pathping  results. 

/h 

Specifies  the  maximum  number  of  hops  in  the  path  to  search 
for  the  target  (destination).  The  default  is  30  hops. 

/g 

Specifies  that  the  echo  Request  messages  use  the  Loose 

Source  Route  option  in  the  IP  header  with  the  set  of 
intermediate  destinations  specified  in  Hostlist.  With  loose 
source  routing,  successive  intermediate  destinations  can  be 
separated  by  one  or  multiple  routers.  The  maximum  number 
of  addresses  or  names  in  the  host  list  is  9.  The  Hostlist  is  a 
series  of  IP  addresses  (in  dotted  decimal  notation)  separated 
by  spaces. 

/p 

Specifies  the  number  of  milliseconds  to  wait  between 
consecutive  pings.  The  default  is  250  milliseconds  (1/4 
second). 

/q 

Specifies  the  number  of  echo  Request  messages  sent  to  each 
router  in  the  path.  The  default  is  100  queries. 

/w 

Specifies  the  number  of  milliseconds  to  wait  for  each  reply.  The 
default  is  3000  milliseconds  (3  seconds). 

/i 


Specifies  the  source  address. 


PARAMETER 


DESCRIPTION 


/4 


Specifies  that  pathping  uses  IPv4  only. 


/6 


Specifies  that  pathping  uses  IPv6  only. 


Specifies  the  destination,  which  is  identified  either  by  IP 
address  or  host  name. 


/? 


Displays  help  at  the  command  prompt. 


remarks 


•  pathping  parameters  are  case-sensitive. 

•  To  avoid  network  congestion,  pings  should  be  sent  at  a  sufficiently  slow  pace. 

•  To  minimize  the  effects  of  burst  losses,  do  not  send  pings  too  frequently. 

•  When  using  the  /p  parameter,  pings  are  sent  individually  to  each  intermediate  hop.  Because  of  this,  the  interval 
between  two  pings  sent  to  the  same  hop  is  period  multiplied  by  the  number  of  hops. 

•  When  using  the  /w  parameter,  multiple  pings  can  be  sent  in  parallel.  Because  of  this,  the  amount  of  time 
specified  in  the  timeout  parameter  is  not  bounded  by  the  amount  of  time  specified  in  the  Period  parameter  for 
waiting  between  pings. 

•  This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in  the 
properties  of  a  network  adapter  in  Network  Connections.  ##  Examples  The  following  example  shows  pathping 
command  output: 

D:\>pathping  /n  corpl  Tracing  route  to  corpl  [10.54.1.196]  over  a  maximum  of  30  hops:  0  172.16.87.35  1 
172.16.87.218  2  192.168.52.1  3  192.168.80.1  4  10.54.247.14  5  10.54.1.196  computing  statistics  for  125 
seconds...  Source  to  Here  This  Node/Link  Hop  RTT  Lost/Sent  =  Pet  Lost/Sent  =  Pet  address  0  172.16.87.35  0/ 

100  =  0%  I  1  41ms  0/  100  =  0%  0/  100  =  0%  172.16.87.218  13/  100  =  13%  |  2  22ms  16/  100  =  16%  3/  100  =  3% 
192.168.52.1  0/  100  =  0%  I  3  24ms  13/  100  =  13%  0/  100  =  0%  192.168.80.1  0/  100  =  0%  |  4  21ms  14/  100  =  14% 

1/  100  =  1%  10.54.247.14  0/  100  =  0%  |  5  24ms  13/  100  =  13%  0/  100  =  0%  10.54.1.196  Trace  complete. 

When  pathping  is  run,  the  first  results  list  the  path.  This  is  the  same  path  that  is  shown  using  the  tracert 

command.  Next,  a  busy  message  is  displayed  for  approximately  90  seconds  (the  time  varies  by  hop  count). 

During  this  time,  information  is  gathered  from  all  routers  previously  listed  and  from  the  links  between  them,  at 

the  end  of  this  period,  the  test  results  are  displayed.  In  the  sample  report  above,  the  This  Node/Link, 

Lost/Sent  =  Pet  and  address  columns  show  that  the  link  between  172.16.87.218  and  192.168.52.1  is  dropping 

1 3  percent  of  the  packets.  The  routers  at  hops  2  and  4  also  are  dropping  packets  addressed  to  them,  but  this 

loss  does  not  affect  their  ability  to  forward  traffic  that  is  not  addressed  to  them.  The  loss  rates  displayed  for  the 

links,  identified  as  a  vertical  bar  (|)  in  the  address  column,  indicate  link  congestion  that  is  causing  the  loss  of 

packets  that  are  being  forwarded  on  the  path.  The  loss  rates  displayed  for  routers  (identified  by  their  IP 

addresses)  indicate  that  these  routers  might  be  overloaded.  ##  additional  references 

•  Command-Line  Syntax  Key 


pause 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Suspends  the  processing  of  a  batch  program  and  displays  the  following  prompt: 

Press  any  key  to  continue  .  .  . 


For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

pause 


Parameters 

PARAMETER  DESCRIPTION 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  When  you  run  the  pause  command,  the  following  message  appears: 

Press  any  key  to  continue  .  .  . 

•  If  you  press  CTRL  +  C  to  stop  a  batch  program,  the  following  message  appears: 

Terminate  batch  job  (Y/N)? 

If  you  press  Y  (for  yes)  in  response  to  this  message,  the  batch  program  ends  and  control  returns  to  the 
operating  system. 

•  You  can  insert  the  pause  command  before  a  section  of  the  batch  file  that  you  might  not  want  to  process.  When 
pause  suspends  processing  of  the  batch  program,  you  can  press  CTRL  +  C  and  then  press  Y  to  stop  the  batch 
program. 

Examples 

To  create  a  batch  program  that  prompts  the  user  to  change  disks  in  one  of  the  drives,  type: 

@echo  off 
: Begin 
copy  a:*.* 

echo  Put  a  new  disk  into  drive  A 
pause 

goto  begin 


In  this  example,  all  the  files  on  the  disk  in  drive  A  are  copied  to  the  current  directory.  After  the  message  prompts 
you  to  put  a  new  disk  in  drive  A,  the  pause  command  suspends  processing  so  that  you  can  change  disks  and  then 
press  any  key  to  resume  processing.  This  batch  program  runs  in  an  endless  loop — the  goto  begin  command 
sends  the  command  interpreter  to  the  Begin  label  of  the  batch  file.  To  stop  this  batch  program,  press  CTRL  +  C  and 
then  press  Y. 


Additional  references 

Command-Line  Syntax  Key 


pbadmin 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Pbadmin  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  Pbadmin. 


pentnt 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Pentnt  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  Pentnt. 


perfmon 

4/1 3/2018  *1  min  to  read  •  Edit  Online 


Start  Windows  Reliability  and  Performance  Monitor  in  a  specific  standalone  mode. 

Syntax 

perfmon  </res | report | rel | sys> 


Parameters 


PARAMETER 

DESCRIPTION 

/res 

Start  Resource  View. 

/report 

Start  the  System  Diagnostics  Data  Collector  Set  and  display  a 

report  of  the  results. 

/rel 

Start  Reliability  Monitor. 

/sys 

Start  Performance  Monitor. 

Additional  references 

Windows  Performance  Monitor  [w8] 


ping 

1 0/1 7/2017  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


verifies  IP-level  connectivity  to  another  TCP/IP  computer  by  sending  Internet  Control  Message  Protocol  (ICMP) 
echo  Request  messages.  The  receipt  of  corresponding  echo  Reply  messages  are  displayed,  along  with  round-trip 
times,  ping  is  the  primary  TCP/IP  command  used  to  troubleshoot  connectivity,  reachability,  and  name  resolution. 
Used  without  parameters,  ping  displays  help. 

Syntax 

ping  [/t]  [/a]  [/n  <Count>]  [/I  <Size>]  [/f]  [/I  <TTL>]  [/v  <T0S>]  [/r  <Count>]  [/s  <Count>]  [{/j  <Hostlist>  | 
/k  <Hostlist>}]  [/w  <timeout>]  [ /R ]  [/S  <Srcaddr>]  [/4]  [/ 6]  <TargetName> 


Parameters 

PARAMETER 


DESCRIPTION 


A 

Specifies  that  ping  continue  sending  echo  Request  messages 
to  the  destination  until  interrupted.  To  interrupt  and  display 
statistics,  press  CTRL+ break.  To  interrupt  and  quit  ping,  press 
CTRL+C. 

/a 

Specifies  that  reverse  name  resolution  is  performed  on  the 
destination  IP  address.  If  this  is  successful,  ping  displays  the 
corresponding  host  name. 

/n 

Specifies  the  number  of  echo  Request  messages  sent.  The 
default  is  4. 

/I 

Specifies  the  length,  in  bytes,  of  the  Data  field  in  the  echo 
Request  messages  sent.  The  default  is  32.  The  maximum  Size  is 
65,527. 

/f 

Specifies  that  echo  Request  messages  are  sent  with  the  Do  not 
Fragment  flag  in  the  IP  header  set  to  1  (available  on  IPv4 
only).  The  echo  Request  message  cannot  be  fragmented  by 
routers  in  the  path  to  the  destination.  This  parameter  is  useful 
fortroubleshooting  path  Maximum  Transmission  Unit  (PMTU) 
problems. 

/I 

Specifies  the  value  of  the  TTL  field  in  the  IP  header  for  echo 
Request  messages  sent.  The  default  is  the  default  TTL  value  for 
the  host.  The  maximum  TTL  is  255. 

/v 

Specifies  the  value  of  the  type  of  Service  (TOS)  field  in  the  IP 
header  for  echo  Request  messages  sent  (available  on  IPv4 
only).  The  default  is  0.  TOS  is  specified  as  a  decimal  value  from 

0  through  255. 

PARAMETER 


DESCRIPTION 


/r 

Specifies  that  the  Record  Route  option  in  the  IP  header  is  used 
to  record  the  path  taken  by  the  echo  Request  message  and 
corresponding  echo  Reply  message  (available  on  IPv4  only). 
Each  hop  in  the  path  uses  an  entry  in  the  Record  Route 
option.  If  possible,  specify  a  Count  that  is  equal  to  or  greater 
than  the  number  of  hops  between  the  source  and  destination. 
The  Count  must  be  a  minimum  of  1  and  a  maximum  of  9. 

/s 

Specifies  that  the  Internet  timestamp  option  in  the  IP  header 
is  used  to  record  the  time  of  arrival  for  the  echo  Request 
message  and  corresponding  echo  Reply  message  for  each  hop. 
The  Count  must  be  a  minimum  of  1  and  a  maximum  of  4.  This 
is  required  for  link-local  destination  addresses. 

/j 

Specifies  that  the  echo  Request  messages  use  the  Loose 

Source  Route  option  in  the  IP  header  with  the  set  of 
intermediate  destinations  specified  in  Hostlist  (available  on 

IPv4  only).  With  loose  source  routing,  successive  intermediate 
destinations  can  be  separated  by  one  or  multiple  routers.  The 
maximum  number  of  addresses  or  names  in  the  host  list  is  9. 
The  host  list  is  a  series  of  IP  addresses  (in  dotted  decimal 
notation)  separated  by  spaces. 

/k 

Specifies  that  the  echo  Request  messages  use  the  Strict  Source 
Route  option  in  the  IP  header  with  the  set  of  intermediate 
destinations  specified  in  Hostlist  (available  on  IPv4  only).  With 
strict  source  routing,  the  next  intermediate  destination  must 
be  directly  reachable  (it  must  be  a  neighbor  on  an  interface  of 
the  router).  The  maximum  number  of  addresses  or  names  in 
the  host  list  is  9.  The  host  list  is  a  series  of  IP  addresses  (in 
dotted  decimal  notation)  separated  by  spaces. 

/w 

Specifies  the  amount  of  time,  in  milliseconds,  to  wait  for  the 
echo  Reply  message  that  corresponds  to  a  given  echo  Request 
message  to  be  received.  If  the  echo  Reply  message  is  not 
received  within  the  time-out,  the  "Request  timed  out"  error 
message  is  displayed.  The  default  time-out  is  4000  (4 
seconds). 

/R 

Specifies  that  the  round-trip  path  is  traced  (available  on  IPv6 
only). 

/s 

Specifies  the  source  address  to  use  (available  on  IPv6  only). 

/4 

Specifies  that  IPv4  is  used  to  ping.  This  parameter  is  not 
required  to  identify  the  target  host  with  an  IPv4  address.  It  is 
only  required  to  identify  the  target  host  by  name. 

/6 

Specifies  that  IPv6  is  used  to  ping.  This  parameter  is  not 
required  to  identify  the  target  host  with  an  IPv6  address.  It  is 
only  required  to  identify  the  target  host  by  name. 

Specifies  the  host  name  or  IP  address  of  the  destination. 

/? 


Displays  help  at  the  command  prompt. 


remarks 


•  You  can  use  ping  to  test  both  the  computer  name  and  the  IP  address  of  the  computer.  If  pinging  the  IP  address 
is  successful,  but  pinging  the  computer  name  is  not,  you  might  have  a  name  resolution  problem.  In  this  case, 
ensure  that  the  computer  name  you  are  specifying  can  be  resolved  through  the  local  Hosts  file,  by  using 
Domain  Name  System  (DNS)  queries,  or  through  NetBIOS  name  resolution  techniques. 

•  This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in  the 
properties  of  a  network  adapter  in  Network  Connections.  ##  Examples  The  following  example  shows  ping 
command  output: 

C:\>ping  example.microsoft.com  pinging  example.microsoft.com  [192.168.239.132]  with  32  bytes  of  data:  Reply 
from  192.168.239.132:  bytes=32  time=101ms  TTL=124  Reply  from  192.168.239.132:  bytes=32  time=100ms  TTL=124 
Reply  from  192.168.239.132:  bytes=32  time=120ms  TTL=124  Reply  from  192.168.239.132:  bytes=32  time=120ms 
TTL=124 

To  ping  the  destination  10.0.99.221  and  resolve  10.0.99.221  to  its  host  name,  type:  ping  /a  10.0.99.221  Toping 
the  destination  10.0.99.221  with  10  echo  Request  messages,  each  of  which  has  a  Data  field  of  1000  bytes,  type: 
ping  /n  10  /1  1000  10.0.99.221  To  ping  the  destination  10.0.99.221  and  record  the  route  for  4  hops,  type: 
ping  /r  4  10.0.99.221  To  ping  the  destination  1 0.0.99.221  and  specify  the  loose  source  route  of  10.1 2.0.1  - 
10.29.3.1-10.1.44.1,  type:  ping  /j  10.12.0.1  10.29.3.1  10.1.44.1  10.0.99.221  ##  additional  references 

•  Command-Line  Syntax  Key 


pnpunattend 

4/13/2018  •  1  min  to  read  •  Edit  Online 

Audits  a  computer  for  device  drivers,  and  perform  unattended  driver  installations,  or  search  for  drivers  without 
installing  and,  optionally,  report  the  results  to  the  command  line.  Use  this  command  to  specify  the  installation  of 

specific  drivers  for  specific  hardware  devices.  See  Remarks. 

Syntax 

PnPUnattend.exe  auditSystem  [/help]  [/?]  [ / h ]  [/s]  [ / L ] 

Parameters 

PARAMETER 

DESCRIPTION 

auditSystem 

Specifies  online  driver  install. 

Required,  except  when  pnpunattend  is  run  with  either  the 
/Help  or  /?  parameters. 

/s 

Optional.  Specifies  to  search  for  drivers  without  installing. 

Optional.  Specifies  to  display  the  log  information  for  this 
command  in  the  command  prompt. 

/?  Optional.  Displays  help  for  this  command  at  the  command 

prompt. 


Remarks 

Preliminary  preparation  is  required.  Prior  to  using  this  command,  you  must  complete  the  following  tasks: 

1 .  Create  a  directory  for  the  drivers  you  want  to  install.  For  example,  create  a  folder  at  C:\Drivers\Video  for  video 
adapter  drivers. 

2.  Download  and  extract  the  driver  package  for  your  device.  Copy  the  contents  of  the  subfolder  that  contains  the 
INF  file  for  your  version  of  the  operating  system  and  any  subfolders  to  the  video  folder  that  you  created.  For 
example,  copy  the  video  driver  files  to  C:\Drivers\Video. 

3.  Add  a  system  environment  path  variable  to  the  folder  you  created  in  step  1  .For  example,  C:\Drivers\Video. 

4.  Create  the  following  registry  key,  and  then  for  the  DriverPaths  key  you  create,  set  the  Value  Data  to  1. 

5.  For  Windows®  7  navigate  the  Registry  path:  HKEY_LOCAL_Machine\Software\Microsoft\Windows 
NT\CurrentVersionY  and  then  create  the  keys:  UnattendSettings\PnPUnattend\DriverPaths\ 

6.  For  Windows  Vista,  navigate  to  the  Registry  path:  HK_LM\Software\Microsoft\Windows 
NT\CurrentVersion\,  and  then  create  the  keys  =  \UnattendSettings\PnPUnattend\DriverPaths. 

Examples 

The  following  example  command  shows  how  to  use  the  PNPUnattend.exe  to  audit  a  computer  for  possible 

driver  updates,  and  then  report  the  findings  to  the  Command  Prompt 


pnpunattend  auditsystem  /s  /I 


Additional  references 

Command-Line  Syntax  Key 


pnputil 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Pnputil.exe  is  a  command  line  utility  that  you  can  use  to  manage  the  driver  store.  You  can  use  Pnputil  to  add  driver 
packages,  remove  driver  packages,  and  list  driver  packages  that  are  in  the  store. 

Syntax 

pnputil.exe  [-f  |  -i]  [  -?  |  -a  |  -d  |  -e  ]  <INF  name> 


Parameters 


PARAMETER 

DESCRIPTION 

-a 

Specifies  to  add  the  identified  INF  file. 

-d 

Specifies  to  delete  the  identified  INF  file. 

-e 

Specifies  to  enumerate  all  third-party  INF  files. 

-f 

Specifies  to  force  the  deletion  of  the  identified  INF  file.  Cannot 
be  used  in  conjunction  with  the-i  parameter. 

-i 

Specifies  to  install  the  identified  INF  file.  Cannot  be  used  in 
conjunction  with  the  -f  parameter. 

/?  Displays  help  at  the  command  prompt. 


Remarks 

Examples 

•  pnputil.exe  -a  a:\usbcam\USBCAM.IN  F  Adds  the  INF  file  that  is  specified  by  USBCAM.INF 

•  pnputil.exe -a  c:\drivers*. inf  Adds  all  INF  files  in  c:\drivers\ 

•  pnputil.exe  -i  -a  a:\usbcam\USBCAM.INF  Adds  and  installs  the  specified  driver. 

•  pnputil.exe  -e  Enumerates  all  third-party  drivers. 

•  pnputil.exe  -d  oemO.inf  Deletes  the  specified. 

•  pnputil.exe  -f  -d  oemO.inf  Forces  the  deletion  of  the  specified  INF  file. 

Additional  references 

Command-Line  Syntax  Key 

Popd 


popd 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

changes  the  current  directory  to  the  directory  that  was  most  recently  stored  by  the  pushd  command,  for  examples 
of  how  to  use  this  command,  see  Examples. 

Syntax 

popd 

Parameters 

PARAMETER  DESCRIPTION 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  Every  time  you  use  the  pushd  command,  a  single  directory  is  stored  for  your  use.  However,  you  can  store 
multiple  directories  by  using  the  pushd  command  multiple  times.  The  directories  are  stored  sequentially  in  a 
virtual  stack.  If  you  use  the  pushd  command  once,  the  directory  in  which  you  use  the  command  is  placed  at  the 
bottom  of  the  stack.  If  you  use  the  command  again,  the  second  directory  is  placed  on  top  of  the  first  one.  The 
process  repeats  every  time  you  use  the  pushd  command.  You  can  use  the  popd  command  to  change  the 
current  directory  to  the  directory  most  recently  stored  by  the  pushd  command.  If  you  use  the  popd  command, 
the  directory  on  the  top  of  the  stack  is  removed  from  the  stack  and  the  current  directory  is  changed  to  that 
directory.  If  you  use  the  popd  command  again,  the  next  directory  on  the  stack  is  removed. 

•  When  command  extensions  are  enabled,  the  popd  command  removes  any  drive-letter  assignations  created  by 
pushd.  ##  Examples  The  following  example  shows  how  you  can  use  the  pushd  command  and  the  popd 
command  in  a  batch  program  to  change  the  current  directory  from  the  one  in  which  the  batch  program  was 
run  and  then  change  it  back: 

@echo  off  rem  This  batch  file  deletes  all  .txt  files  in  a  specified  directory  pushd  %1  del  *.txt  popd  els 
echo  All  text  files  deleted  in  the  %1  directory 

##  additional  references 

•  pushd 

•  Command-Line  Syntax  Key 


Power  Shell 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Windows  PowerShell™  is  a  task-based  command-line  shell  and  scripting  language  designed  especially  for  system 
administration.  Built  on  the  .NET  Framework,  Windows  PowerShell  helps  IT  professionals  and  power  users  control 
and  automate  the  administration  of  the  Windows  operating  system  and  applications  that  run  on  Windows. 

The  PowerShell.exe  command-line  tool  starts  a  Windows  PowerShell  session  in  a  Command  Prompt  window. 
When  you  use  PowerShell.exe,  you  can  use  its  optional  parameters  to  customize  the  session.  For  example,  you 
can  start  a  session  that  uses  a  particular  execution  policy  or  one  that  excludes  a  Windows  PowerShell  profile. 
Otherwise,  the  session  is  the  same  as  any  session  that  is  started  in  the  Windows  PowerShell  console. 

Using  PowerShell.exe 

You  can  use  the  PowerShell.exe  command-line  tool  to  start  a  Windows  PowerShell  session  in  a  Command 
Prompt  window. 

1.  To  start  a  Windows  PowerShell  session  in  a  Command  Prompt  window,  type  PowerShell  .  A  PS  prefix  is  added 
to  the  command  prompt  to  indicate  that  you  are  in  a  Windows  PowerShell  session. 

2.  To  start  a  session  with  a  particular  execution  policy,  use  the  ExecutionPolicy  parameter. 

PowerShell.exe  -ExecutionPolicy  Restricted 

3.  To  start  a  Windows  PowerShell  session  without  your  Windows  PowerShell  profiles,  use  the  NoProfile 
parameter. 

PowerShell.exe  -NoProfile 

4.  To  start  a  session  ,  use  the  ExecutionPolicy  parameter. 

PowerShell.exe  -ExecutionPolicy  Restricted 

5.  To  see  the  PowerShell.exe  help  file,  use  the  following  command  format. 

PowerShell.exe  -help,  -?,  /? 

6.  To  end  a  Windows  PowerShell  session  in  a  Command  Prompt  window,  type  exit  .  The  typical  command 
prompt  returns. 

For  a  complete  list  of  the  PowerShell.exe  command-line  parameters,  see  about_PowerShell.Exe. 

Other  Ways  to  Start  Windows  PowerShell 

For  information  about  other  ways  to  start  Windows  PowerShell,  see  Starting  Windows  PowerShell. 

Remarks 

Windows  PowerShell  runs  on  the  Server  Core  installation  option  of  Windows  Server  operating  systems.  However, 
features  that  require  a  graphic  user  interface,  such  as  the  Windows  PowerShell  Integrated  Scripting  Environment 
(ISE),  and  the  Out-GridView  and  Show-Command  cmdlets,  do  not  run  on  Server  Core  installations. 

# 
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Power  Shel  IJse 
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Windows  PowerShell  Integrated  Scripting  Environment  (ISE)  is  a  graphical  host  application  that  enables  you  to 
read,  write,  run,  debug,  and  test  scripts  and  modules  in  a  graphic-assisted  environment.  Key  features  such  as 
IntelliSense,  Show-Command,  snippets,  tab  completion,  syntax-coloring,  visual  debugging,  and  context-sensitive 
Help  provide  a  rich  scripting  experience. 

The  PowerShell_ISE.exe  tool  starts  a  Windows  PowerShell  ISE  session.  When  you  use  PowerShell_ISE.exe, 
you  can  use  its  optional  parameters  to  open  files  in  Windows  PowerShell  ISE  or  to  start  a  Windows  PowerShell 
ISE  session  with  no  profile  or  with  a  multithreaded  apartment. 

PowerShell_ISE.exe  was  introduced  in  Windows  PowerShell  2.0  and  expanded  significantly  in  Windows 
PowerShell  3.0. 

Using  PowerShell_ISE.exe 

You  can  use  PowerShell_ISE.exe  to  start  and  end  a  Windows  PowerShell  session  as  follows: 

•  To  start  a  Windows  PowerShell  ISE  session,  in  a  Command  Prompt  window,  in  Windows  PowerShell,  or  at  the 
Start  menu,  type: 

PowerShell_Ise 

•  To  open  a  script  (.psl),  script  module  (.psml),  module  manifest  (.psdl),  XML  file,  or  any  other  supported  file  in 
Windows  PowerShell  ISE,  use  the  following  command  format: 

PowerShell_Ise  <FilePath> 

In  Windows  PowerShell  3.0,  you  can  use  the  optional  File  parameter  as  follows: 

PowerShell_Ise  -File  <FilePath> 

•  To  start  a  Windows  PowerShell  ISE  session  without  your  Windows  PowerShell  profiles,  use  the  NoProfile 
parameter.  (The  NoProfile  parameter  is  introduced  in  Windows  PowerShell  3.0.) 

PowerShell_Ise  -NoProfile 

•  To  see  the  PowerShell_ISE.exe  Help  file  in  a  Command  Prompt  window,  use  the  following  command  format: 

PowerShell_Ise  -help,  -?,  /? 

For  a  complete  list  of  the  PowerShell_ISE.exe  command-line  parameters,  see  about_PowerShellJse.exe. 

Start  Windows  PowerShell  ISE  in  other  ways 

For  information  about  other  ways  to  start  Windows  PowerShell  ISE,  see  Starting  Windows  PowerShell. 

Remarks 

Windows  PowerShell  runs  on  the  Server  Core  installation  option  of  Windows  Server  operating  systems.  However, 
because  Windows  PowerShell  ISE  requires  a  graphic  user  interface,  it  does  not  run  on  Server  Core  installations. 

• 
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print 
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Sends  a  text  file  to  a  printer. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

Print  [/d : <PrinterName>]  [<Drive> : ] [<Path>]<FileName>[  . 

...] 

Parameters 

PARAMETER 

DESCRIPTION 

/d:<PrinterName> 

Specifies  the  printer  that  you  want  to  print  the  job.  To  print  to 
a  locally  connected  printer,  specify  the  port  on  your  computer 
where  the  printer  is  connected. 

-  Valid  values  for  parallel  ports  are  LPT1,  LPT2,  and  LPT3. 

-  Valid  values  for  serial  ports  are  COM1,  COM2,  COM3,  and 
COM4. 

You  can  also  specify  a  network  printer  by  using  its  queue 
name  (\\Server/Vame*PrinterName*).  If  you  do  not  specify  a 
printer,  the  print  job  is  sent  to  LPT1  by  default. 

<Drive>: 

Specifies  the  logical  or  physical  drive  where  the  file  you  want 
to  print  is  located.  This  parameter  is  not  required  if  the  file  you 
want  to  print  is  located  on  the  current  drive. 

<Path> 

Specifies  the  location  of  the  file  you  want  to  print.  This 
parameter  is  not  required  if  the  file  you  want  to  print  is 
located  in  the  current  directory. 

<FileName>[ ...] 

Required.  Specifies  the  file  you  want  to  print.  You  can  include 
multiple  files  in  one  command. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  A  file  can  print  in  the  background  if  you  send  it  to  a  printer  connected  to  a  serial  or  parallel  port  on  the  local 
computer. 

•  You  can  perform  many  configuration  tasks  from  the  command  prompt  by  using  the  Mode  command. 

See  Mode  for  more  information  about: 

o  Configuring  a  printer  connected  to  a  parallel  port 
o  Configuring  a  printer  connected  to  a  serial  port 
o  Displaying  the  status  of  a  printer 

Preparing  a  printer  for  code  page  switching 


o 


Examples 

To  send  the  file  Report.txt  in  the  current  directory  to  a  printer  connected  to  LPT2  on  the  local  computer,  type: 

print  /d:lpt2  report.txt 

To  send  the  file  Report.txt  in  the  c:\Accounting  directory  to  the  Printerl  print  queue  on  the  \\CopyRoom  server, 
type: 

print  /d : \\copyroom\printerl  c:\accounting\report.txt 

Additional  references 

Command-Line  Syntax  Key 

Print  Command  Reference 
Mode 


prncnfg 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Configures  or  displays  configuration  information  about  a  printer. 

Syntax 

cscript  Prncnfg  {-g  |  -t  |  -x  |  -?}  [-S  <ServerName>]  [-P  <printerName>]  [-z  <NewprinterName>]  [-u  <UserName>] 
[ -w  <Password>]  [-r  <PortName>]  [-1  <Location>]  [-h  <Sharename>]  [-m  <Comment>]  [-f  <SeparatorFileName>]  [-y 
<Datatype>]  [-st  <stanttime>]  [-ut  <Untiltime>]  [-i  <DefaultPriority>]  [-o  <Priority>]  [<+ | ->shared]  [<+|- 
>direct]  [<+| ->hidden]  [<+| ->published]  [<+| ->rawonly]  [<+ | ->queued]  [<+ | ->enablebidi]  [<+| ->keepprintedjobs] 
[<+| ->workoffline]  [<+| ->enabledevq]  [<+| ->docompletefirst] 


Parameters 

PARAMETER  DESCRIPTION 


-g 

Displays  configuration  information  about  a  printer. 

-t 

Configures  a  printer. 

-x 

renames  a  printer. 

-S 

Specifies  the  name  of  the  remote  computer  that  hosts  the 
printer  that  you  want  to  manage.  If  you  do  not  specify  a 
computer,  the  local  computer  is  used. 

-P 

Specifies  the  name  of  the  printer  that  you  want  to  manage. 
Required. 

-z 

Specifies  the  new  printer  name.  Requires  the  -x  and  -P 
parameters. 

-u  -w 

Specifies  an  account  with  permissions  to  connect  to  the 
computer  that  hosts  the  printer  that  you  want  to  manage.  All 
members  of  the  target  computer's  local  Administrators  group 
have  these  permissions,  but  the  permissions  can  also  be 
granted  to  other  users.  If  you  do  not  specify  an  account,  you 
must  be  logged  on  under  an  account  with  these  permissions 
for  the  command  to  work. 

-r 

Specifies  the  port  where  the  printer  is  connected.  If  this  is  a 
parallel  or  a  serial  port,  then  use  the  ID  of  the  port  (for 
example,  LPT1  or  COM1).  If  this  is  a  TCP/IP  port,  use  the  port 
name  that  was  specified  when  the  port  was  added. 

-1 

Specifies  the  printer  location,  such  as  "copy  Room." 

PARAMETER 


DESCRIPTION 


-h 

Specifies  the  printer's  share  name. 

-m 

Specifies  the  printer's  comment  string. 

-f 

Specifies  a  file  that  contains  the  text  that  appears  on  the 
separator  page. 

-y 

Specifies  the  data  types  that  the  printer  can  accept. 

-st 

Configures  the  printer  for  limited  availability.  Specifies  the  time 
of  day  the  printer  is  available.  If  you  send  a  document  to  a 
printer  when  it  is  unavailable,  the  document  is  held  (spooled) 
until  the  printer  becomes  available.  You  must  specify  time  as  a 
24-hour  clock.  For  example,  to  specify  1 1 :00  RM.,  type  2300. 

-ut 

Configures  the  printer  for  limited  availability.  Specifies  the  time 
of  day  the  printer  is  no  longer  available.  If  you  send  a 
document  to  a  printer  when  it  is  unavailable,  the  document  is 
held  (spooled)  until  the  printer  becomes  available.  You  must 
specify  time  as  a  24-hour  clock.  For  example,  to  specify  1 1 :00 
RM.,  type  2300. 

-o 

Specifies  a  priority  that  the  spooler  uses  to  route  print  jobs 
into  the  print  queue.  A  print  queue  with  a  higher  priority 
receives  all  its  jobs  before  any  queue  with  a  lower  priority. 

-i 

Specifies  the  default  priority  assigned  to  each  print  job. 

{+|-}shared 

Specifies  whether  this  printer  is  shared  on  the  network. 

{+ |-}direct 

Specifies  whether  the  document  should  be  sent  directly  to  the 
printer  without  being  spooled. 

{+|-}published 

Specifies  whether  this  printer  should  be  published  in  active 
directory.  If  you  publish  the  printer,  other  users  can  search  for 
it  based  on  its  location  and  capabilities  (such  as  color  printing 
and  stapling). 

{+|-}hidden 

Reserved  function. 

{+|-}rawonly 

Specifies  whether  only  raw  data  print  jobs  can  be  spooled  in 
this  queue. 

{+  |  -}queued 

Specifies  that  the  printer  should  not  begin  to  print  until  after 
the  last  page  of  the  document  is  spooled.  The  printing 
program  is  unavailable  until  the  document  has  finished 
printing.  Flowever,  using  this  parameter  ensures  that  the 
whole  document  is  available  to  the  printer. 

{+  |  -}keepprintedjobs 

Specifies  whether  the  spooler  should  retain  documents  after 
they  are  printed.  Enabling  this  option  allows  a  user  to 
resubmit  a  document  to  the  printer  from  the  print  queue 
instead  of  from  the  printing  program. 

PARAMETER 


DESCRIPTION 


{+  |  -Jworkoffline 

Specifies  whether  a  user  is  able  to  send  print  jobs  to  the  print 
queue  if  the  computer  is  not  connected  to  the  network. 

{+  |  -}enabledevq 

Specifies  whether  print  jobs  that  do  not  match  the  printer 
setup  (for  example,  PostScript  files  spooled  to  non- PostScript 
printers)  should  be  held  in  the  queue  rather  than  being 
printed. 

{+  |  -}docompletefirst 

Specifies  whether  the  spooler  should  send  print  jobs  with  a 
lower  priority  that  have  completed  spooling  before  sending 
print  jobs  with  a  higher  priority  that  have  not  completed 
spooling.  If  this  option  is  enabled  and  no  documents  have 
completed  spooling,  the  spooler  will  send  larger  documents 
before  smaller  ones.  You  should  enable  this  option  if  you  want 
to  maximize  printer  efficiency  at  the  cost  of  job  priority.  If  this 
option  is  disabled,  the  spooler  always  sends  higher  priority 
jobs  to  their  respective  queues  first. 

{+  |  -}enablebidi 

Specifies  whether  the  printer  sends  status  information  to  the 
spooler. 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  The  prncnfg  command  is  a  Visual  Basic  script  located  in  the  %WINdir%\System32\printing_Admin_Scripts\ 
directory.  To  use  this  command,  at  a  command  prompt,  type  cscript  followed  by  the  full  path  to  the  prncnfg  file, 
or  change  directories  to  the  appropriate  folder.  For  example: 

cscript  %WINdir%\System32\printing_Admin_Scripts\en-US\prncnfg 

•  if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 

"computer  Name"  ).  ##  Examples  To  display  configuration  information  for  the  printer  named  colorprinter_2  with 
a  print  queue  hosted  by  the  remote  computer  named  HRServer,  type: 

To  configure  a  printer  named  colorprinter_2  so  that  the 
keeps  print  jobs  after  they  have  been  printed,  type: 

cscript  prncnfg  -t  -S  HRServer  -P  colorprinter_2  +keepprintedjobs  To  change  the  name  of  a  printer  on  the 
remote  computer  named  HRServer  from  colorprinter_2  to  colorprinter  3,  type: 

cscript  prncnfg  -x  -S  HRServer  -P  colorprinter_2  -z  "colorprinter  3"  ####  additional  references  Command- 
Line  Syntax  Key  print  Command  Reference 


cscript  prncnfg  -g  -S  HRServer  -P  colorprinter_2 
spooler  in  the  remote  computer  named  HRServer 


prndrvr 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

adds,  deletes,  and  lists  printer  drivers. 

Syntax 

cscript  prndrvr  {-a  |  -d  |  -1  |  -x  |  -?}  [-m  <model>]  [-v  {0 | 1 | 2 | 3} ] 

[-e  <environment>]  [-s  <ServerName>]  [-u  <UserName>]  [-w  <Password>] 

[-h  <path>]  [-i  <inf  file>] 

Parameters 


PARAMETER 

DESCRIPTION 

-a 

Installs  a  driver. 

-d 

-1 

deletes  a  driver. 

lists  all  printer  drivers  installed  on  the  server  specified  by  the  - 
s  parameter.  If  you  do  not  specify  a  server,  Windows  lists  the 
printer  drivers  installed  on  the  local  computer. 

-x 

deletes  all  printer  drivers  and  additional  printer  drivers  not  in 
use  by  a  logical  printer  on  the  server  specified  by  the  -s 
parameter.  If  you  do  not  specify  a  server  to  remove  from  the 
list,  Windows  deletes  all  unused  printer  drivers  on  the  local 
computer. 

-m 

Specifies  (by  name)  the  driver  you  want  to  install.  Drivers  are 
often  named  for  the  model  of  printer  they  support.  See  the 
printer  documentation  for  more  information. 

-v  {0  |  1  |  2  |  3} 

Specifies  the  version  of  the  driver  you  want  to  install.  See  the 
description  of  the  -eparameter  for  information  on  which 
versions  are  available  for  which  environment.  If  you  do  not 
specify  a  version,  the  version  of  the  driver  appropriate  for  the 
version  of  Windows  running  on  the  computer  where  you  are 
installing  the  driver  is  installed. 

-  version  0  supports  Windows  95,  Windows  98,  and  Windows 
Millennium  edition. 

-  version  1  supports  Windows  NT  3.51. 

-  version  2  supports  Windows  NT  4.0. 

-  version  3  supports  Windows  Vista,  Windows  XR  Windows 
2000,  and  the  Windows  Server  2003  operating  systems.  Note 
that  this  is  the  only  printer  driver  version  that  Windows  Vista 
supports. 

PARAMETER 


DESCRIPTION 


-e 

Specifies  the  environment  for  the  driver  you  want  to  install.  If 
you  do  not  specify  an  environment,  the  environment  of  the 
computer  where  you  are  installing  the  driver  is  used.  The 
supported  environment  parameters  are: 

-  "Windows  NT  x86" 

-  "Windows  x64" 

-  "Windows  IA64" 

-s 

Specifies  the  name  of  the  remote  computer  that  hosts  the 
printer  that  you  want  to  manage.  If  you  do  not  specify  a 
computer,  the  local  computer  is  used. 

-u  -w 

Specifies  an  account  with  permissions  to  connect  to  the 
computer  that  hosts  the  printer  that  you  want  to  manage.  All 
members  of  the  target  computer's  local  Administrators  group 
have  these  permissions,  but  the  permissions  can  also  be 
granted  to  other  users.  If  you  do  not  specify  an  account,  you 
must  be  logged  on  under  an  account  with  these  permissions 
for  the  command  to  work. 

-h 

Specifies  the  path  to  the  driver  file.  If  you  do  not  specify  a 
path,  the  path  to  the  location  where  Windows  was  installed  is 
used. 

-i  <Filename.inf> 

Specifies  the  complete  path  and  file  name  for  the  driver  you 
want  to  install.  If  you  do  not  specify  a  file  name,  the  script 
uses  one  of  the  inbox  printer  .inf  files  in  the  inf  subdirectory  of 
the  Windows  directory. 

if  the  driver  path  is  not  specified,  the  script  searches  for  driver 
files  in  the  driver.cab  file. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  The  prndrvr  command  is  a  Visual  Basic  script  located  in  the  %WINdir%\System32\printing_Admin_Scripts\ 
directory.  To  use  this  command,  at  a  command  prompt,  type  cscript  followed  by  the  full  path  to  the  prndrvr  file, 
or  change  directories  to  the  appropriate  folder.  For  example: 

cscript  %WINdir%\System32\printing_Admin_Scripts\en-US\prndrvr 

•  if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 

"computer  Name"  ). 

•  The  -x  option  deletes  all  additional  printer  drivers  (drivers  installed  for  use  on  clients  running  alternate  versions 
of  Windows),  even  if  the  primary  driver  is  in  use.  If  the  fax  component  is  installed,  this  option  also  deletes  fax 
drivers.  The  primary  fax  driver  is  deleted  if  it  is  not  in  use  (that  is,  if  there  is  no  queue  using  it).  If  the  primary  fax 
driver  is  deleted,  the  only  way  to  re-enable  fax  is  to  reinstall  the  fax  component. 

•  Used  without  parameters,  prndrvr  displays  command-line  help  for  the  prndrvr  command.  ##  Examples  To  list 
all  drivers  on  the  WprintServerl  server,  type:  cscript  Prndrvr  -l  -s  To  add  a  version  3  Windows  x64  printer 

driver  for  the  "Laser  printer  model  1 "  model  of  printer  using  the  C:\temp\Laserprinter1  .inf  driver  information 
file  for  a  driver  stored  in  the  C:\temp  folder  type: 

cscript  Prndrvr  -a  -m  "Laser  printer  model  1"  -v  3  - 

e  "Windows  x64"  -i  c:\temp\Laserprinterl.inf  -h  c:\temp 

To  delete  a  version  3  Windows  NT  x86  printer  driver  for  "Laser  printer  model  1 ",  type: 

cscript  Prndrvr  -a  -m  "Laser  printer  model  1"  -v  3  - 

e  "windows  nt  x86"  ####  additional  references 

Command-Line  Syntax  Key  print  Command  Reference 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


pauses,  resumes,  cancels,  and  lists  print  jobs. 

Syntax 

cscript  Prnjobs  {-z  |  -m  |  -x  |  -1  |  -?}  [-s  <ServerName>] 

[-p  <printerName>]  [-j  <DobID>]  [-u  <UserName>]  [-w  <Password>] 


Parameters 


PARAMETER 

DESCRIPTION 

-z 

pauses  the  print  job  specified  with  the  -j  parameter. 

-m 

Resumes  the  print  job  specified  with  the  -j  parameter. 

-x 

Cancels  the  print  job  specified  with  the  -j  parameter. 

-1 

lists  all  the  print  jobs  in  a  print  queue. 

-s 

Specifies  the  name  of  the  remote  computer  that  hosts  the 
printer  that  you  want  to  manage.  If  you  do  not  specify  a 
computer,  the  local  computer  is  used. 

-P 

Specifies  the  name  of  the  printer  that  you  want  to  manage. 
Required. 

-j 

Specifies  (by  ID  number)  the  print  job  you  want  to  cancel. 

-u  -w 

Specifies  an  account  with  permissions  to  connect  to  the 
computer  that  hosts  the  printer  that  you  want  to  manage.  All 
members  of  the  target  computer's  local  Administrators  group 
have  these  permissions,  but  the  permissions  can  also  be 
granted  to  other  users.  If  you  do  not  specify  an  account,  you 
must  be  logged  on  under  an  account  with  these  permissions 
for  the  command  to  work. 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  The  prnjobs  command  is  a  Visual  Basic  script  located  in  the  %WINdir%\System32\printing_Admin_Scripts\ 
directory.  To  use  this  command,  at  a  command  prompt,  type  cscript  followed  by  the  full  path  to  the  prnjobs  file, 
or  change  directories  to  the  appropriate  folder.  For  example: 


c script  %WINdir%\System32\printing_Admin_Scripts\en-US\prnjobs 

if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 
"computer  Name"  ).  ##  Examples  To  pause  a  printjob  with  a  job  ID  of  27  sent  to  the  remote  computer  named 
HRServer  for  printing  on  the  printer  named  colorprinter,  type: 

cscript  prnjobs  -z  -s  HRServer  -p  colorprinter  -j  27  To  list  all  current  print  jobs  in  the  queue  for  the  local 
printer  named  colorprinter_2,  type:  cscript  prnjobs  -l  -p  coiorprinter_2  ####  additional  references 
Command-Line  Syntax  Key  print  Command  Reference 


prnmngr 

10/17/2017  •  2  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

adds,  deletes,  and  lists  printers  or  printer  connections,  in  addition  to  setting  and  displaying  the  default  printer. 

Syntax 

cscript  Prnmngr  {-a  |  -d  |  -x  |  -g  |  -t  |  -1  |  -?}[c] 
[-p  <printerName>]  [-m  <printermodel>]  [-r  <Portl\lame>] 
[ -w  <Password>] 

[ - s  <ServerName>] 

[ - u  <UserName>] 

Parameters 

PARAMETER 

DESCRIPTION 

-a 

adds  a  local  printer  connection. 

-d 

deletes  a  printer  connection. 

-x 

deletes  all  printers  from  the  server  specified  with  the  -s 
parameter.  If  you  do  not  specify  a  server,  Windows  deletes  all 
printers  on  the  local  computer. 

-g 

Displays  the  default  printer. 

-t 

Sets  the  default  printer  to  the  printer  specified  by  the  -p 
parameter. 

-1 

lists  all  printers  installed  on  the  server  specified  by  the  -s 
parameter.  If  you  do  not  specify  a  server,  Windows  lists  the 
printers  installed  on  the  local  computer. 

c 

Specifies  that  the  parameter  applies  to  printer  connections. 

Can  be  used  with  the  -a  and  -x  parameters. 

-s 

Specifies  the  name  of  the  remote  computer  that  hosts  the 
printer  that  you  want  to  manage.  If  you  do  not  specify  a 
computer,  the  local  computer  is  used. 

-P 

Specifies  the  name  of  the  printer  that  you  want  to  manage. 

-m 

Specifies  (by  name)  the  driver  you  want  to  install.  Drivers  are 
often  named  for  the  model  of  printer  they  support.  See  the 
printer  documentation  for  more  information. 

PARAMETER 


DESCRIPTION 


-r  Specifies  the  port  where  the  printer  is  connected.  If  this  is  a 

parallel  or  a  serial  port,  use  the  ID  of  the  port  (for  example, 
LPT1:  or  COM1:).  If  this  is  a  TCP/IP  port,  use  the  port  name 
that  was  specified  when  the  port  was  added. 


-u  -w  Specifies  an  account  with  permissions  to  connect  to  the 

computer  that  hosts  the  printer  that  you  want  to  manage.  All 
members  of  the  target  computer's  local  Administrators  group 
have  these  permissions,  but  the  permissions  can  also  be 
granted  to  other  users.  If  you  do  not  specify  an  account,  you 
must  be  logged  on  under  an  account  with  these  permissions 
for  the  command  to  work. 


/?  Displays  help  at  the  command  prompt. 

remarks 

•  The  prndrvr  command  is  a  Visual  Basic  script  located  in  the  %WINdir%\System32\printing_Admin_Scripts\ 
directory.  To  use  this  command,  at  a  command  prompt,  type  cscript  followed  by  the  full  path  to  the  prnmngr 
file,  or  change  directories  to  the  appropriate  folder.  For  example: 

cscript  %WINdir%\System32\printing_Admin_Scripts\en-US\prnmngr 

•  if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 

"computer  Name"  ).  ##  Examples  To  add  a  printer  named  colorprinter_2  that  is  connected  to  LPT1  on  the  local 
computer  and  requires  a  printer  driver  called  color  printer  Driverl,  type: 

cscript  prnmngr  -a  -p  colorprinter_2  -m  "color  printer  Driverl"  -r  lptl:  To  delete  the  printer  named 
colorprinter_2  from  the  remote  computer  named  HRServer,  type: 

cscript  prnmngr  -d  -s  HRServer  -p  coiorprinter_2  ####  additional  references  Command-Line  Syntax  Key  print 
Command  Reference 


prnport 

10/24/2017  •  3  min  to  read  •  Edit  Online 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

creates,  deletes,  and  lists  standard  TCP/IP  printer  ports,  in 

addition  to  displaying  and  changing  port  configuration. 

Syntax 

cscript  prnport  {-a  |  -d  |  -1  |  -g  |  -t  |  -?}  [-r  <PortName>] 

[ - s  <ServerName>]  [-u  <UserName>]  [-w  <Password>]  [-o  {raw  |  lpr}] 

[-h  <Hostaddress>]  [-q  <QueueName>]  [-n  <PortNumber>]  -m{e  |  d} 

[-i  <SNMPIndex>]  [-y  <CommunityName>]  -2{e  |  -d} 

Parameters 

PARAMETER 

DESCRIPTION 

-a 

creates  a  standard  TCP/IP  printer  port. 

-d 

deletes  a  standard  TCP/IP  printer  port. 

-1 

lists  all  standard  TCP/IP  printer  ports  on  the  computer 
specified  with  the  -s  parameter. 

-g 

Displays  the  configuration  of  a  standard  TCP/IP  printer  port. 

-t 

Configures  the  port  settings  for  a  standard  TCP/IP  printer 
port. 

-r 

Specifies  the  port  to  which  the  printer  is  connected. 

-s 

Specifies  the  name  of  the  remote  computer  that  hosts  the 
printer  that  you  want  to  manage.  If  you  do  not  specify  a 
computer,  the  local  computer  is  used. 

-u  -w 

Specifies  an  account  with  permissions  to  connect  to  the 
computer  that  hosts  the  printer  that  you  want  to  manage.  All 
members  of  the  target  computer's  local  Administrators  group 
have  these  permissions,  but  the  permissions  can  also  be 
granted  to  other  users.  If  you  do  not  specify  an  account,  you 
must  be  logged  on  under  an  account  with  these  permissions 
for  the  command  to  work. 

-o  {raw  |  lpr} 

Specifies  which  protocol  the  port  uses:  TCP  raw  or  TCP  lpr.  If 
you  use  TCP  raw,  you  can  optionally  specify  the  port  number 
by  using  the  -n  parameter.  The  default  port  number  is  9100. 

PARAMETER 


DESCRIPTION 


-h 

Specifies  (by  IP  address)  the  printer  for  which  you  want  to 
configure  the  port. 

-q 

Specifies  the  queue  name  for  a  TCP  raw  port. 

-n 

Specifies  the  port  number  for  a  TCP  raw  port.  The  default  port 
number  is  9100. 

-m{e  |  d} 

Specifies  whether  SNMP  is  enabled.  The  parameter  e  enables 
SNMP  The  parameter  d  disables  SNMP 

-i  <SNMPIndex 

Specifies  the  SNMP  index,  if  SNMP  is  enabled.  For  more 
information,  see  Rfc  1759  at  the  Rfc  editor  Web  site 

(https://go.microsoft.com/fwlink/?Linkld=569). 

-y 

Specifies  the  SNMP  community  name,  if  SNMP  is  enabled. 

-2{e  |  -d} 

Specifies  whether  double  spools  (also  known  as  respooling) 
are  enabled  for  TCP  Ipr  ports.  Double  spools  are  necessary 
because  TCP  Ipr  must  include  an  accurate  byte  count  in  the 
control  file  that  is  sent  to  the  printer,  but  the  protocol  cannot 
get  the  count  from  the  local  print  provider.  Therefore,  when  a 
file  is  spooled  to  a  TCP  Ipr  print  queue,  it  is  also  spooled  as  a 
temporary  file  in  the  system32  directory.  TCP  Ipr  determines 
the  size  of  the  temporary  file  and  sends  the  size  to  the  server 
running  LPD.  The  parameter  e  enables  double  spools.  The 
parameter  d  disables  double  spools. 

/?  Displays  help  at  the  command  prompt. 

remarks 

•  The  prnport  command  is  a  Visual  Basic  script  located  in  the  %WINdir%\System32\printing_Admin_Scripts\ 
directory.  To  use  this  command,  at  a  command  prompt,  type  cscript  followed  by  the  full  path  to  the  prnport  file, 
or  change  directories  to  the  appropriate  folder.  For  example: 

cscript  %WINdir%\System32\printing_Admin_Scripts\en-US\prnport 

•  if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 

"computer  Name"  ). 

•  The  TCP  raw  protocol  is  a  higher  performance  protocol  on  Windows  than  the  Ipr  protocol.  ##  Examples  To 
display  all  standard  TCP/IP  printing  ports  on  the  server  \\Server1,  type:  cscript  prnport  -l  -s  serveri  To 
delete  the  standard  TCP/IP  printing  port  on  the  server  \\Server1  that  connects  to  a  network  printer  at  10.2.3.4, 
type:  cscript  prnport  -d  -s  serveri  -r  ip_i0.2.3.4  To  add  a  standard  TCP/IP  printing  port  on  the  server 
WServerl  that  connects  to  a  network  printer  at  10.2.3.4  and  uses  the  TCP  raw  protocol  on  port  9100,  type: 

cscript  prnport  -a  -s  Serveri  -r  IP_10.2.3.4  -h  10.2.3.4  -o  raw  -n  9100  To  enable  S N  M P,  specify  the  "public" 
community  name  and  set  the  SNMP  index  to  1  on  a  network  printer  at  10.2.3.4  shared  by  the  server  WServerl, 
type:  cscript  prnport  -t  -s  Serveri  -r  IP_10.2.3.4  -me  -y  public  -i  1  -n  9100  To  add  a  Standard  TC P/I P 
printing  port  on  the  local  computer  that  connects  to  a  network  printer  at  1 0.2. 3.4  and  automatically  get  the 
device  settings  from  the  printer,  type:  cscript  prnport  -a  -r  ip_i0.2.3.4  -h  10.2.3.4  ####  additional 
references  Command-Line  Syntax  Key  print  Command  Reference 


prnqctl 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

prints  a  test  page,  pauses  or  resumes  a  printer,  and  clears  a  printer  queue. 

Syntax 

cscript  Prnqctl  {-z  |  -m  |  -e  |  -x  |  -?}  [-s  <ServerName>] 

[-p  <printerName>]  [-u  <UserName>]  [-w  <Password>] 


Parameters 

PARAMETER 

DESCRIPTION 

-z 

pauses  printing  on  the  printer  specified  with  the  -p  parameter. 

-m 

Resumes  printing  on  the  printer  specified  with  the  -p 
parameter. 

-e 

prints  a  test  page  on  the  printer  specified  with  the  -p 
parameter. 

-x 

Cancels  all  print  jobs  on  the  printer  specified  with  the  -p 
parameter. 

-s 

Specifies  the  name  of  the  remote  computer  that  hosts  the 
printer  that  you  want  to  manage.  If  you  do  not  specify  a 
computer,  the  local  computer  is  used. 

-P 

Specifies  the  name  of  the  printer  that  you  want  to  manage. 
Required. 

-u  -w 

Specifies  an  account  with  permissions  to  connect  to  the 
computer  that  hosts  the  printer  that  you  want  to  manage.  All 
members  of  the  target  computer's  local  Administrators  group 
have  these  permissions,  but  the  permissions  can  also  be 
granted  to  other  users.  If  you  do  not  specify  an  account,  you 
must  be  logged  on  under  an  account  with  these  permissions 
for  the  command  to  work. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  The  prnqctl  command  is  a  Visual  Basic  script  located  in  the  %WINdir%\System32\printing_Admin_Scripts\ 
directory.  To  use  this  command,  at  a  command  prompt,  type  cscript  followed  by  the  full  path  to  the  prnqctl  file, 
or  change  directories  to  the  appropriate  folder.  For  example: 


c script  %WINdir%\System32\printing_Admin_Scripts\en-US\prnqctl 
•  if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 
"computer  Name"  ). 

##  Examples 

To  print  a  test  page  on  the  Laserprinterl  printer  shared  by  the  \\Server1  computer,  type: 
cscript  Prnqctl  -e  -s  Serverl  -p  Laserprinterl 

To  pause  printing  on  the  Laserprinterl  printer  on  the  local  computer,  type: 
cscript  Prnqctl  -z  -p  Laserprinterl 

To  cancel  all  print  jobs  on  the  Laserprinterl  printer  on  the  local  computer,  type: 
cscript  Prnqctl  -x  -p  Laserprinterl 
####  additional  references 
Command-Line  Syntax  Key 
print  Command  Reference 


prompt 

4/13/2018  •  1  min  to  read  •  EditOnline 

Changes  the  Cmd.exe  command  prompt.  If  used  without  parameters,  prompt  resets  the  command  prompt  to  the 
default  setting,  which  is  the  current  drive  letter  and  directory  followed  by  the  greater  than  symbol  (>). 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

prompt  [<Text>] 

Parameters 

PARAMETER 

DESCRIPTION 

<Text> 

Specifies  the  text  and  information  that  you  want  to  include  in 
the  command  prompt. 

/?  Displays  help  at  the  command  prompt. 


Remarks 

•  You  can  customize  the  command  prompt  to  display  any  text  you  want,  including  such  information  as  the  name 
of  the  current  directory,  the  time  and  date,  and  the  Microsoft  Windows  version  number. 

•  The  following  table  lists  the  character  combinations  that  you  can  include  instead  of,  or  in  addition  to,  one  or 
more  character  strings  in  the  Text  parameter.  The  list  includes  a  brief  description  of  the  text  or  information  that 
each  character  combination  adds  to  your  command  prompt. 

[Character|Description|  | . |- . -|  |$q|=  (equal  sign)|  |$$|$  (dollar  sign)|  |$t|Current  time[  |$d|Current 

date|  |$p|Current  drive  and  path|  |$v|Windows  version  number|  |$n|Current  drive|  |$g|>  (greater  than  sign)|  |$l| 
<  (less  than  sign)|  |$b||  (pi pe) |  |$_|ENTER-LINEFEED|  |$e|ANSI  escape  code  (code  27) |  |$h|Backspace  (to  delete 
a  character  that  has  been  written  to  the  command  line) |  |$a|&  (ampersand)l  |$c|(  (left  parenthesis)|  |$f|)  (right 
parenthesis)|  |$s|space| 

•  When  command  extensions  are  enabled  (that  is,  the  default)  the  prompt  command  supports  the  following 
formatting  characters: 

|Character|Description|  | . |- . -|  |$  +  |Zero  or  more  plus  sign  (+)  characters,  depending  on  the  depth 

of  the  pushd  directory  stack  (one  character  for  each  level  pushed). |  |$m|The  remote  name  associated  with  the 
current  drive  letter  or  the  empty  string  if  current  drive  is  not  a  network  drive. | 

•  If  you  include  the  $p  character  in  the  text  parameter,  your  disk  is  read  after  you  enter  each  command  (to 
determine  the  current  drive  and  path).  This  can  take  extra  time,  especially  for  floppy  disk  drives. 

Examples 

To  set  a  two-line  command  prompt  with  the  current  time  and  date  on  the  first  line  and  the  greater  than  sign  on  the 

next  line,  type: 


prompt  $d$s$s$t$_$g 

The  prompt  is  changed  as  follows,  where  the  date  and  time  are  current: 

Fri  06/01/2007  13:53:28.91 

> 

To  set  the  command  prompt  to  display  as  an  arrow  (-->),  type: 
prompt  --$g 

To  manually  change  the  command  prompt  to  the  default  setting  (the  current  drive  and  path  followed  by  the  greater 
than  sign),  type: 

prompt  $p$g 

Additional  references 

Command-Line  Syntax  Key 


pubprn 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Publishes  a  printer  to  the  active  directory  Domain  Services. 

Syntax 

cscript  pubprn  {<ServerName>  |  <UNCprinterpath>} 

"LDAP://CN=<Container>jDC=<Container>" 


Parameters 

PARAMETER 


DESCRIPTION 

Specifies  the  name  of  the  Windows  server  that  hosts  the 
printer  that  you  want  to  publish.  If  you  do  not  specify  a 
computer,  the  local  computer  is  used. 


The  Universal  Naming  Convention  (UNC)  path  to  the  shared 
printer  that  you  want  to  publish. 


"LDAP://CN=,DC  =  " 


Specifies  the  path  to  the  container  in  active  directory  Domain 
Services  where  you  want  to  publish  the  printer. 


/? 


Displays  help  at  the  command  prompt. 


remarks 

•  The  pubprn  command  is  a  Visual  Basic  script  located  in  the  %WINdir%\System32\printing_Admin_Scripts\ 
directory.  To  use  this  command,  at  a  command  prompt,  type  cscript  followed  by  the  full  path  to  the  pubprn  file, 
or  change  directories  to  the  appropriate  folder.  For  example: 

cscript  %WINdir%\System32\printing_Admin_Scripts\en-US\pubprn 

•  if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example, 

"computer  Name"  ).  ##  Examples  To  publish  all  printers  on  the  \\Server1  computer  to  the  MyContainer  container 
in  the  MyDomain.company.Com  domain,  type: 

cscript  Ppubprn  Serverl  "LDAP://CN=MyContainerJDC=MyDomainJDC=companyJDC=Com"  To  publish  the  Laserprinterl 
printer  on  the  \\Server1  server  to  the  MyContainer  container  in  the  MyDomain.company.Com  domain,  type: 

cscript  Ppubprn  \\Serverl\Laserprinterl  "LDAP://CN=MyContainerJDC=MyDomainJDC=companyJDC=Com"  #### 
additional  references  Command-Line  Syntax  Key  print  Command  Reference 


pushd 

4/1 3/2018  *1  min  to  read  •  Edit  Online 


Stores  the  current  directory  for  use  by  the  popd  command,  and  then  changes  to  the  specified  directory. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

pushd  [<Path>] 


Parameters 

PARAMETER  DESCRIPTION 

<  Path>  Specifies  the  directory  to  make  the  current  directory.  This 

command  supports  relative  paths. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Every  time  you  use  the  pushd  command,  a  single  directory  is  stored  for  your  use.  However,  you  can  store 
multiple  directories  by  using  the  pushd  command  multiple  times. 

The  directories  are  stored  sequentially  in  a  virtual  stack.  If  you  use  the  pushd  command  once,  the  directory 
in  which  you  use  the  command  is  placed  at  the  bottom  of  the  stack.  If  you  use  the  command  again,  the 
second  directory  is  placed  on  top  of  the  first  one.  The  process  repeats  every  time  you  use  the  pushd 
command. 

You  can  use  the  popd  command  to  change  the  current  directory  to  the  directory  most  recently  stored  by 
the  pushd  command.  If  you  use  the  popd  command,  the  directory  on  the  top  of  the  stack  is  removed  from 
the  stack  and  the  current  directory  is  changed  to  that  directory.  If  you  use  the  popd  command  again,  the 
next  directory  on  the  stack  is  removed. 

•  If  command  extensions  are  enabled,  the  pushd  command  accepts  either  a  network  path  or  a  local  drive  letter 
and  path. 

•  If  you  specify  a  network  path,  the  pushd  command  temporarily  assigns  the  highest  unused  drive  letter  (starting 
with  Z:)  to  the  specified  network  resource.  The  command  then  changes  the  current  drive  and  directory  to  the 
specified  directory  on  the  newly  assigned  drive.  If  you  use  the  popd  command  with  command  extensions 
enabled,  the  popd  command  removes  the  drive-letter  assignation  created  by  pushd. 

Examples 

The  following  example  shows  how  you  can  use  the  pushd  command  and  the  popd  command  in  a  batch  program 

to  change  the  current  directory  from  the  one  in  which  the  batch  program  was  run  and  then  change  it  back: 


@echo  off 

rem  This  batch  file  deletes  all  .txt  files  in  a  specified  directory 

pushd  %1 

del  *.txt 

popd 

els 

echo  All  text  files  deleted  in  the  %1  directory 


Additional  references 

Command-Line  Syntax  Key 

Popd 


pushpri interconnections 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Reads  Deployed  Printer  Connection  settings  from  Group  Policy,  and  deploys/removes  printer  connections  as 
needed. 

Syntax 

pushprinterconnections  <-log>  <-?> 

Parameters 

PARAMETER  DESCRIPTION 

<-log>  Writes  a  per  user  debug  log  file  to  %temp,  or  writes  a  per 

machine  debug  log  to  %windir%\temp. 

<-?>  Displays  Help  at  the  command  prompt. 


Remarks 

This  utility  is  for  use  in  machine  startup  or  user  logon  scripts,  and  should  not  be  run  from  the  command  line. 

Additional  references 

•  Command-Line  Syntax  Key 

•  Deploy  Printers  by  Using  Group  Policy 


qappsrv 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  a  list  of  all  remote  Desktop  Session  Host  (rd  Session  Host)  servers  on  the  network. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  query  termserver  command. 

additional  references 

query  termserver  Command- Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


q process 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  information  about  processes  that  are  running  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  query  process  command. 

additional  references 

query  process  Command-Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


query 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  information  about  processes,  sessions,  and  remote  Desktop  Session  Host  (rd  Session  Host)  servers 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 

query  process 

query  session 
query  termserver 

query  user 

Parameters 

PARAMETER 

DESCRIPTION 

query  process 

Displays  information  about  processes  that  are  running  on  an  rd 
Session  Host  server. 

query  session 

Displays  information  about  sessions  on  an  rd  Session  Host 

server. 

query  termserver 

Displays  a  list  of  all  rd  Session  Host  servers  on  the  network. 

query  user 

Displays  information  about  user  sessions  on  an  rd  Session 

Host  server. 

additional  references 

Command- Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


quser 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  information  about  user  sessions  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  query  user  command. 

additional  references 

query  user 

Command-Line  Syntax  Key 

remote  Desktop  Services  (Terminal  Services)  Command  Reference 


qwinsta 

1 0/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  information  about  sessions  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  query  session  command. 

additional  references 

query  session  Command-Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


rep 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Copies  files  between  computers.  This  command  has  been  deprecated.  You  can  install  the  Subsystem  for  UNIX- 
based  Applications  using  the  Add  Features  Wizard.  For  more  information,  see  Windows  Server  2008  UNIX 
Interoperability  Components  at  the  Microsoft  Web  site.  After  installation,  you  can  then  open  a  C  Shell  or  Korn 
Shell  command  window  and  run  rep.  For  more  information,  type  man  rep  at  the  C  Shell  or  Korn  Shell  prompt. 


rd 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 

Deletes  a  directory.  This  command  is  the  same  as  the  rmdir  command. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

rd  [<Drive>: ]<Path>  [/s  [ /q ] ] 
rmdir  [<Drive> : ]<Path>  [/s  [ /q ] ] 

Parameters 

PARAMETER 

DESCRIPTION 

[<  Drive> :] 

Specifies  the  location  and  the  name  of  the  directory  that  you 
want  to  delete.  Path  is  required. 

/s 

Deletes  a  directory  tree  (the  specified  directory  and  all  its 
subdirectories,  including  all  files). 

/q 

Specifies  quiet  mode.  Does  not  prompt  for  confirmation  when 
deleting  a  directory  tree.  (Note  that  /q  works  only  if  /s  is 
specified.) 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  You  cannot  delete  a  directory  that  contains  files,  including  hidden  or  system  files.  If  you  attempt  to  do  so,  the 
following  message  appears: 

The  directory  is  not  empty 

Use  the  dir /a  command  to  list  all  files  (including  hidden  and  system  files).  Then  use  the  attrib  command 
with  -h  to  remove  hidden  file  attributes,  -s  to  remove  system  file  attributes,  or  -h  -s  to  remove  both  hidden 
and  system  file  attributes.  After  the  hidden  and  file  attributes  have  been  removed,  you  can  delete  the  files. 

•  If  you  insert  a  backslash  ()  at  the  beginning  of  Path,  Path  will  start  at  the  root  directory  (regardless  of  the 
current  directory). 

•  You  cannot  use  rd  to  delete  the  current  directory.  If  you  attempt  to  delete  the  current  directory,  the  following 
error  message  appears: 

The  process  cannot  access  the  file  because  it  is  being  used  by  another  process. 

If  you  receive  this  error  message,  you  must  change  to  a  different  directory  (not  a  subdirectory  of  the  current 
directory),  and  then  use  rd  (specify  Path  if  necessary). 

•  The  rd  command,  with  different  parameters,  is  available  from  the  Recovery  Console. 


Examples 

You  cannot  delete  the  directory  that  you  are  currently  working  in.  You  must  change  to  a  directory  that  is  not  within 
the  current  directory.  For  example,  to  change  to  the  parent  directory,  type: 

cd  . . 

You  can  now  safely  remove  the  desired  directory. 

Use  the  /s  option  to  remove  a  directory  tree.  For  example,  to  remove  a  directory  named  Test  (and  all  its 
subdirectories  and  files)  from  the  current  directory,  type: 

rd  /s  test 

To  run  the  previous  example  in  quiet  mode,  type: 

nd  /s  /q  test 

Caution 

When  you  run  rd  /s  in  quiet  mode,  the  entire  directory  tree  is  deleted  without  confirmation.  Ensure  that  important 
files  are  moved  or  backed  up  before  using  the  /q  command-line  option. 

Additional  references 

Command-Line  Syntax  Key 


rdpsign 

10/24/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Enables  you  to  digitally  sign  a  remote  Desktop  Protocol  (.rdp)  file,  for  examples  of  how  to  use  this  command,  see 

Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

Syntax 

rdpsign  /shai  <hash>  [/q  |  /v  | ]  [ / 1 ]  <file 

_name . rdp> 

Parameters 

PARAMETER 

DESCRIPTION 

/shai 

Specifies  the  thumbprint,  which  is  the  Secure  Hash  Algorithm  1 
(SHAI)  hash  of  the  signing  certificate  that  is  included  in  the 
certificate  store. 

/q 

Quiet  mode.  No  output  when  the  command  succeeds  and 
minimal  output  if  the  command  fails. 

/v 

verbose  mode.  Displays  all  warnings,  messages,  and  status. 

/I 

Tests  the  signing  and  output  results  without  actually  replacing 
any  of  the  input  files. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  The  SHA1  certificate  thumbprint  should  represent  a  trusted  .rdp  file  publisher.  To  obtain  the  certificate  thumbprint,  open 
the  Certificates  snap-in,  double-click  the  certificate  that  you  want  to  use  (either  in  the  local  computer's  certificates  store 
or  in  your  personal  certificates  store),  click  the  details  tab,  and  then  in  the  Field  list,  click  Thumbprint.  [I  NOTE]  When  you 
copy  the  thumbprint  for  use  with  the  rdpsign.exe  tool,  you  must  remove  any  spaces. 

•  You  must  specify  the  .rdp  file  (or  files)  to  sign  by  using  the  full  file  name.  Wildcard  characters  are  not  accepted. 

•  The  signed  output  files  will  overwrite  the  input  files. 

•  if  any  of  the  .rdp  files  cannot  be  read  or  written  to,  the  tool  will  continue  to  the  next  file  if  multiple  files  are  specified.  ## 
Examples 

•  To  sign  an  .rdp  file  that  is  named  Filel  .rdp,  navigate  to  the  folder  where  you  saved  the  .rdp  file,  and  then  type  the 
following:  ndpsign  /shai  hash  filel.  rdp  [INOTE]  The  hash  value  represents  the  SHA1  certificate  thumbprint,  without 
any  spaces. 

•  To  test  whether  digital  signing  will  succeed  for  an  .rdp  file  without  actually  signing  the  file,  type  the  following: 

rdpsign  /shal  hash  /I  filel. rdp 

•  To  sign  multiple  .rdp  files,  separate  the  file  names  by  using  spaces.  For  example,  to  sign  multiple  .rdp  files  that  are  named 
Filel  .rdp,  File2. rdp,  and  File3. rdp,  type  the  following:  rdpsign  /shai  hash  filel.  rdp  file2.rdp  file3.rdp  ##  See  Also 
Command-Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


recover 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Recovers  readable  information  from  a  bad  or  defective  disk. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

recover  [<Drive> : ] [<Path>]<FileName> 


Parameters 

PARAMETER  DESCRIPTION 

[<  Drive> :][]  Specifies  the  location  and  name  of  the  file  that  you  want  to 

recover.  FileName  is  required. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  The  recover  command  reads  a  file,  sector-by-sector,  and  recovers  data  from  the  good  sectors.  Data  in  bad 
sectors  is  lost. 

•  Bad  sectors  reported  by  chkdsk  were  marked  as  "bad"  when  your  disk  was  prepared  for  operation.  They  pose 
no  danger,  and  recover  does  not  affect  them. 

•  Because  all  data  in  bad  sectors  is  lost  when  you  recover  a  file,  you  should  recover  only  one  file  at  a  time. 

•  You  cannot  use  wildcard  characters  (*  and  ?)  with  the  recover  command.  You  must  specify  a  file  (and  the 
location  of  the  file  if  it  is  not  in  the  current  directory). 

Examples 

To  recover  the  file  Story.txt  in  the  \Fiction  directory  on  drive  D,  type: 

recover  d:\fiction\story.txt 

Additional  references 

Command-Line  Syntax  Key 


reg 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Performs  operations  on  registry  subkey  information  and  values  in  registry  entries.  The  reg  commands  include: 

Reg  add 
Reg  compare 
Reg  copy 
Reg  delete 
Reg  export 
Reg  import 
Reg  load 
Reg  query 
Reg  restore 
Reg  save 
Reg  unload 

Some  operations  enable  you  to  view  or  configure  registry  entries  on  local  or  remote  computers,  while  others  allow 
you  to  configure  only  local  computers.  Using  reg  to  configure  the  registry  of  remote  computers  limits  the 
parameters  that  you  can  use  in  some  operations.  Check  the  syntax  and  parameters  for  each  operation  to  verify  that 
they  can  be  used  on  remote  computers 


reg  add 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Adds  a  new  subkey  or  entry  to  the  registry. 

Syntax 

reg  add  <KeyName>  [{/v  ValueName  |  /ve}]  [/t  DataType]  [/s  Separator]  [/d  Data]  [/f] 
For  examples  of  how  to  use  this  command,  see  Examples. 

Parameters 


PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey  or  entry  to  be  added.  To 
specify  a  remote  computer,  include  the  computer  name  (in  the 
format  \\<ComputerName>)  as  part  of  the  KeyName. 

Omitting  \\Computerl\lame\  causes  the  operation  to  default  to 
the  local  computer.  The  KeyName  must  include  a  valid  root 
key.  Valid  root  keys  for  the  local  computer  are:  HKLM,  HKCU, 
HKCR,  HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid 
root  keys  are:  HKLM  and  HKU. 

/v  <ValueName> 

Specifies  the  name  of  the  registry  entry  to  be  added  under  the 
specified  subkey. 

/ve 

Specifies  that  the  registry  entry  that  is  added  to  the  registry 
has  a  null  value. 

/t  <Type> 

Specifies  the  type  for  the  registry  entry.  Type  must  be  one  of 
the  following: 

REG_SZ 

REG_MULTI_SZ 

REG_DWORD_BIG_ENDIAN 

REG_DWORD 

REG_BINARY 

REG_DWORD_LITTLE_ENDIAN 

REG_LINK 

REG_FULL_RESOURCE_DESCRIPTOR 

REG_EXPAND_SZ 

/s  <Separator> 

Specifies  the  character  to  be  used  to  separate  multiple 
instances  of  data  when  the  REG_MULTI_SZ  data  type  is 
specified  and  more  than  one  entry  needs  to  be  listed.  If  not 
specified,  the  default  separator  is  \0. 

/d  <Data> 

Specifies  the  data  for  the  new  registry  entry. 

/f 

Adds  the  registry  entry  without  prompting  for  confirmation. 

/? 

Displays  help  for  reg  add  at  the  command  prompt. 

Displays  help  for  reg  add  at  the  command  prompt. 


Remarks 


•  Subtrees  cannot  be  added  with  this  operation.  This  version  of  reg  does  not  ask  for  confirmation  when  adding  a 
subkey. 

•  The  following  table  lists  the  return  values  for  the  reg  add  operation. 

VALUE  DESCRIPTION 

0  Success 

1  Failure 

•  For  the  REG_EXPAN  D_SZ  key  type,  use  the  caret  symbol  (  A  )  with  %"  inside  the  /d  parameter 

Examples 

To  add  the  key  HKLM\Software\MyCo  on  remote  computer  ABC,  type: 

REG  ADD  \\ABC\HKLM\Software\MyCo 

To  add  a  registry  entry  to  HKLM\Software\MyCo  with  a  value  named  Data  of  type  REG_BINARY  and  data  of 
fe340ead,  type: 

REG  ADD  HKLM\Software\MyCo  /v  Data  /t  REG_BINARY  /d  fe340ead 

To  add  a  multivalued  registry  entry  to  HKLM\Software\MyCo  with  a  value  name  of  MRU  of  type  REG_MULTI_SZ 
and  data  of  fax\0mail\0\0,  type: 

REG  ADD  HKLM\Software\MyCo  /v  MRU  /t  REG_MULTI_SZ  /d  f ax\0mail\0\0 

To  add  an  expanded  registry  entry  to  HKLM\Software\MyCo  with  a  value  name  of  Path  of  type  REG_EXPAND_SZ 
and  data  of  %systemroot%,  type: 

REG  ADD  HKLM\Software\MyCo  /v  Path  /t  REG_EXPAND_SZ  /d  A%systemrootA% 

Additional  references 

Command-Line  Syntax  Key 


reg  compare 

4/13/2018  •  2  min  to  read  •  EditOnline 

Compares  specified  registry  subkeys  or  entries. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

reg  compare  <KeyNamel>  <KeyName2>  [{/v  ValueName  |  /ve}] 

[{/oa  |  /od  |  /os  |  on}]  [/s ] 

Parameters 

PARAMETER 

DESCRIPTION 

<KeyName1  > 

Specifies  the  full  path  of  the  first  subkey  to  be  compared.  To 
specify  a  remote  computer,  include  the  computer  name  (in  the 
format  WComputerName)  as  part  of  the  KeyName.  Omitting 
\\ComputerName\  causes  the  operation  to  default  to  the  local 
computer.  The  KeyName  must  include  a  valid  root  key.  Valid 
root  keys  for  the  local  computer  are:  HKLM,  HKCU,  HKCR, 

HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid  root 
keys  are:  HKLM  and  HKU. 

<KeyName2> 

Specifies  the  full  path  of  the  second  subkey  to  be  compared. 

To  specify  a  remote  computer,  include  the  computer  name  (in 
the  format  WComputerName)  as  part  of  the  KeyName. 

Omitting  WComputerName\  causes  the  operation  to  default  to 
the  local  computer.  Specifying  only  the  computer  name  in 
KeyName2  causes  the  operation  to  use  the  path  to  the 
subkey  specified  in  KeyName! .  The  KeyName  must  include  a 
valid  root  key.  Valid  root  keys  for  the  local  computer  are: 

HKLM,  HKCU,  HKCR,  HKU,  and  HKCC.  If  a  remote  computer  is 
specified,  valid  root  keys  are:  HKLM  and  HKU. 

/v  <ValueName> 

Specifies  the  value  name  to  compare  under  the  subkey. 

/ve 

Specifies  that  only  entries  that  have  a  value  name  of  null 
should  be  compared. 

[{/oa 

/od 

/oa 

Specifies  that  all  differences  and  matches  are  displayed.  By 
default,  only  the  differences  are  listed. 

/od 

Specifies  that  only  differences  are  displayed.  This  is  the  default 
behavior. 

/os 

Specifies  that  only  matches  are  displayed.  By  default,  only  the 
differences  are  listed. 

PARAMETER 


DESCRIPTION 


/on  Specifies  that  nothing  is  displayed.  By  default,  only  the 

differences  are  listed. 


/s 

Compares  all  subkeys  and  entries  recursively. 

/? 

Displays  help  for  reg  compare  at  the  command  prompt. 

Remarks 

The  following  table  lists  the  return  values  for  reg  compare. 

VALUE 

DESCRIPTION 

0 

The  comparison  is  successful  and  the  result  is  identical. 

1 

The  comparison  failed. 

2 

The  comparison  was  successful  and  differences  were  found. 

The  following  table  lists  the  symbols  displayed  in  the  results. 

SYMBOL 

DESCRIPTION 

= 

KeyNamel  data  is  equal  to  KeyName2  data. 

< 

KeyNamel  data  is  less  than  KeyName2  data. 

>  KeyNamel  data  is  greater  than  KeyName2  data. 


Examples 

To  compare  all  values  under  the  key  MyApp  with  all  values  under  the  key  SaveMyApp,  type: 

REG  COMPARE  HKLM\Software\MyCo\MyApp  HKLM\Software\MyCo\SaveMyApp 

To  compare  the  value  for  the  Version  under  the  key  MyCo  and  the  value  for  the  Version  under  the  key  MyCol, 
type: 

REG  COMPARE  HKLM\Software\MyCo  HKLM\Software\MyCo1  /v  Version 

To  compare  all  subkeys  and  values  under  HKLM\Software\MyCo  on  the  computer  named  ZODIAC  with  all 
subkeys  and  values  under  HKLM\Software\MyCo  on  the  local  computer,  type: 

REG  COMPARE  \\ZODIAC\HKLM\Software\MyCo  \\.  /s 

Additional  references 

Command-Line  Syntax  Key 


reg  copy 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Copies  a  registry  entry  to  a  specified  location  on  the  local  or  remote  computer. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

reg  copy  <KeyNamel>  <KeyName2>  [/s]  [/f] 

Parameters 


PARAMETER 

DESCRIPTION 

<KeyName1  > 

Specifies  the  full  path  of  the  subkey  to  copy.  To  specify  a 
remote  computer,  include  the  computer  name  (in  the  format 
WComputerName)  as  part  of  the  KeyName.  Omitting 
\\ComputerName\  causes  the  operation  to  default  to  the  local 
computer.  The  KeyName  must  include  a  valid  root  key.  Valid 
root  keys  for  the  local  computer  are:  HKLM,  HKCU,  HKCR, 

HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid  root 
keys  are:  HKLM  and  HKU. 

<KeyName2> 

Specifies  the  full  path  of  the  subkey  destination.  To  specify  a 
remote  computer,  include  the  computer  name  (in  the  format 
WComputerName)  as  part  of  the  KeyName.  Omitting 
WComputerName\  causes  the  operation  to  default  to  the  local 
computer.  The  KeyName  must  include  a  valid  root  key.  Valid 
root  keys  for  the  local  computer  are:  HKLM,  HKCU,  HKCR, 

HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid  root 
keys  are:  HKLM  and  HKU. 

/s 

Copies  all  subkeys  and  entries  under  the  specified  subkey. 

/f 

Copies  the  subkey  without  prompting  for  confirmation. 

/? 

Displays  help  for  reg  copy  at  the  command  prompt. 

Remarks 

•  Reg  does  not  ask  for  confirmation  when  copying  a  subkey. 

•  The  following  table  lists  the  return  values  for  the  reg  copy  operation 


VALUE 

DESCRIPTION 

0 

Success 

1 


Failure 


Examples 

To  copy  all  subkeys  and  values  under  the  key  MyApp  to  the  key  SaveMyApp,  type: 

REG  COPY  HKLM\Software\MyCo\MyApp  HKLM\Software\MyCo\SaveMyApp  /s 

To  copy  all  values  under  the  key  MyCo  on  the  computer  named  ZODIAC  to  the  key  MyCol  on  the  current 
computer,  type: 

REG  COPY  \\ZODIAC\HKLM\Softwane\MyCo  HKLM\Software\MyCol 

Additional  references 

Command-Line  Syntax  Key 


reg  delete 

4/13/2018  •  1  min  to  read  •  EditOnline 

Deletes  a  subkey  or  entries  from  the  registry. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

Reg  delete  <KeyName>  [{/v  ValueName  |  /ve  |  /va}]  [/f] 

Parameters 

PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey  or  entry  to  be  deleted.  To 
specify  a  remote  computer,  include  the  computer  name  (in  the 
format  WComputerName)  as  part  of  the  KeyName.  Omitting 
\\ComputerName\  causes  the  operation  to  default  to  the  local 
computer.  The  KeyName  must  include  a  valid  root  key.  Valid 
root  keys  for  the  local  computer  are:  HKLM,  HKCU,  HKCR, 

HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid  root 
keys  are:  HKLM  and  HKU. 

/v  <ValueName> 

Deletes  a  specific  entry  under  the  subkey.  If  no  entry  is 
specified,  then  all  entries  and  subkeys  under  the  subkey  will  be 
deleted. 

/ve 

Specifies  that  only  entries  that  have  no  value  will  be  deleted. 

/va 

Deletes  all  entries  under  the  specified  subkey.  Subkeys  under 
the  specified  subkey  are  not  deleted. 

/f 

Deletes  the  existing  registry  subkey  or  entry  without  asking 
for  confirmation. 

/? 

Displays  help  for  reg  delete  at  the  command  prompt. 

Remarks 

The  following  table  lists  the  return  values  for  the  reg  delete  operation. 

VALUE 

DESCRIPTION 

0 

Success 

1 

Failure 

Examples 


To  delete  the  registry  key  Timeout  and  its  all  subkeys  and  values,  type: 


REG  DELETE  HKLM\Software\MyCo\MyApp\Timeout 


To  delete  the  registry  value  MTU  under  HKLM\Software\MyCo  on  the  computer  named  ZODIAC,  type: 

REG  DELETE  \\ZODIAC\HKLM\Software\MyCo  /v  MTU 

Additional  references 

Command-Line  Syntax  Key 


reg  export 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Copies  the  specified  subkeys,  entries,  and  values  of  the  local  computer  into  a  file  for  transfer  to  other  servers 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

Reg  export  KeyName  FileName  [/y] 

Parameters 


PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey.  The  export  operation 
works  only  with  the  local  computer.  The  KeyName  must 
include  a  valid  root  key.  Valid  root  keys  are:  HKLM,  HKCU, 
HKCR,  HKU,  and  HKCC. 

<FileName> 

Specifies  the  name  and  path  of  the  file  to  be  created  during 
the  operation.  The  file  must  have  a  .reg  extension. 

/y 

Overwrites  any  existing  file  with  the  name  FileName  without 
prompting  for  confirmation. 

/? 

Displays  help  for  reg  export  at  the  command  prompt. 

Remarks 

The  following  table  lists  the  return  values  for  the  reg  export  operation 


VALUE 

DESCRIPTION 

0 

Success 

1 

Failure 

Examples 

To  export  the  contents  of  all  subkeys  and  values  of  the  key  MyApp  to  the  file  AppBkUp.reg,  type: 
reg  export  HKLM\Software\MyCo\MyApp  AppBkUp.reg 

Additional  references 

Command-Line  Syntax  Key 


reg  import 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Copies  the  contents  of  a  file  that  contains  exported  registry  subkeys,  entries,  and  values  into  the  registry  of  the 
local  computer. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

Reg  import  FileName 

Parameters 

PARAMETER  DESCRIPTION 

<  FileName>  Specifies  the  name  and  path  of  the  file  that  has  content  to  be 

copied  into  the  registry  of  the  local  computer.  This  file  must  be 
created  in  advance  by  using  reg  export. 

/?  Displays  help  for  reg  import  at  the  command  prompt. 

Remarks 

The  following  table  lists  the  return  values  for  the  reg  import  operation. 

VALUE  DESCRIPTION 

0  Success 

1  Failure 


Examples 

To  import  registry  entries  from  the  file  named  AppBkUp.reg,  type: 
reg  import  AppBkUp.reg 

Additional  references 


Command-Line  Syntax  Key 


reg  load 

4/13/2018  •  1  min  to  read  •  EditOnline 

Writes  saved  subkeys  and  entries  into  a  different  subkey  in 
are  used  for  troubleshooting  or  editing  registry  entries. 

the  registry.  Intended  for  use  with  temporary  files  that 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

reg  load  KeyName  FileName 

Parameters 

PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey  to  be  loaded.  For 
specifying  remote  computers,  include  the  computer  name  (in 
the  format  WComputerName)  as  part  of  the  KeyName. 

Omitting  \\Computerl\lame\  causes  the  operation  to  default  to 
the  local  computer.  The  KeyName  must  include  a  valid  root 
key.  Valid  root  keys  for  the  local  computer  are:  HKLM,  HKCU, 
HKCR,  HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid 
root  keys  are:  HKLM  and  HKU. 

<FileName> 

Specifies  the  name  and  path  of  the  file  to  be  loaded.  This  file 
must  be  created  in  advance  by  using  the  reg  save  operation 
and  a  .hiv  extension. 

/? 

Displays  help  for  reg  load  at  the  command  prompt. 

Remarks 

The  following  table  lists  the  return  values  for  the  reg  load  operation. 

VALUE 

DESCRIPTION 

0 

Success 

1 

Failure 

Examples 

To  load  the  file  named  TempHive.hiv  to  the  key  HKLM\TempHive,  type: 

REG  LOAD  HKLM\TempHive  TempHive.hiv 

Additional  references 

Command-Line  Syntax  Key 


reg  query 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Returns  a  list  of  the  next  tier  of  subkeys  and  entries  that  are  located  under  a  specified  subkey  in  the  registry. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 


reg  query  <KeyName>  [{/v  <ValueName> 
<Type>]  [/z] 

|  /ve}]  [/s]  [/se  <Separator>]  [/f  <Data>]  [{/k  |  /d}]  [/c]  [/e]  [/t 

Parameters 


PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey.  For  specifying  remote 
computers,  include  the  computer  name  (in  the  format 
WComputerName)  as  part  of  the  KeyName.  Omitting 
\\ComputerName\  causes  the  operation  to  default  to  the  local 
computer.  The  KeyName  must  include  a  valid  root  key.  Valid 
root  keys  for  the  local  computer  are:  HKLM,  HKCU,  HKCR, 

HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid  root 
keys  are:  HKLM  and  HKU. 

/v  <ValueName> 

Specifies  the  registry  value  name  that  is  to  be  queried.  If 
omitted,  all  value  names  for  KeyName  are  returned. 
ValueName  for  this  parameter  is  optional  if  the  /f  option  is 
also  used. 

/ve 

Runs  a  query  for  value  names  that  are  empty. 

/s 

Specifies  to  query  all  subkeys  and  value  names  recursively. 

/se  <  Separator 

Specifies  the  single  value  separator  to  search  for  in  the  value 
name  type  REG_MULTI_SZ.  If  Separator  is  not  specified,  \0  is 
used. 

/f  <Data> 

Specifies  the  data  or  pattern  to  search  for.  Use  double  quotes 
if  a  string  contains  spaces.  If  not  specified,  a  wildcard  (*)  is 
used  as  the  search  pattern. 

/k 

Specifies  to  search  in  key  names  only. 

/d 

Specifies  to  search  in  data  only. 

/c 

Specifies  that  the  query  is  case  sensitive.  By  default,  queries 
are  not  case  sensitive. 

/e 

Specifies  to  return  only  exact  matches.  By  default,  all  the 
matches  are  returned. 

PARAMETER 


DESCRIPTION 


/t  <Type> 

Specifies  registry  types  to  search.  Valid  types  are:  REG_SZ, 
REG_MULTI_SZ,  REG_EXPAND_SZ,  REG_DWORD,  REG_ BINARY 
REG_NONE.  If  not  specified,  all  types  are  searched. 

/z 

Specifies  to  include  the  numeric  equivalent  for  the  registry 
type  in  search  results. 

/? 

Displays  help  for  reg  query  at  the  command  prompt. 

Remarks  <optional  section > 

The  following  table  lists  the  return  values  for  the  reg  query  operation. 

VALUE 

DESCRIPTION 

0 

Success 

1 

Failure 

Examples 

To  display  the  value  of  the  name  value  Version  in  the  HKLM\Software\Microsoft\ResKit  key,  type: 

REG  QUERY  HKLM\Software\Microsoft\ResKit  /v  Version 

To  display  all  subkeys  and  values  under  the  key  HKLM\Software\Microsoft\ResKit\Nt\Setup  on  a  remote 
computer  named  ABC,  type: 

REG  QUERY  \\ABC\HKLM\Software\Microsoft\ResKit\Nt\Set up  /s 

To  display  all  the  subkeys  and  values  of  the  type  REG_MULTI_SZ  using  #  as  the  separator,  type: 

REG  QUERY  HKLM\Software\Microsoft\ResKit\Nt\Setup  /se  # 

To  display  the  key,  value,  and  data  for  exact  and  case  sensitive  matches  of  SYSTEM  under  the  HKLM  root  of  data 
type  REG_SZ,  type: 

REG  QUERY  HKLM  /f  SYSTEM  /t  REG_SZ  /c  /e 

To  display  the  key,  value,  and  data  that  match  OF  in  the  data  under  the  HKCU  root  key  of  data  type  REG_BINARY. 

REG  QUERY  HKCU  /f  0F  /d  /t  REG_BINARY 

To  display  the  value  and  data  for  value  names  of  null  (default)  under  HKLM\SOFTWARE,  type: 

REG  QUERY  HKLM\SOFTWARE  /ve 


Additional  references 


Command-Line  Syntax  Key 


reg  restore 

4/13/2018  •  1  min  to  read  •  EditOnline 

Writes  saved  subkeys  and  entries  back  to  the  registry. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

Reg  restore  <KeyName>  <FileName> 

Parameters 

PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey  to  be  restored.  The  restore 
operation  works  only  with  the  local  computer.  The  KeyName 
must  include  a  valid  root  key.  Valid  root  keys  are:  HKLM, 

HKCU,  HKCR,  HKU,  and  HKCC. 

<FileName> 

Specifies  the  name  and  path  of  the  file  with  content  to  be 
written  into  the  registry.  This  file  must  be  created  in  advance 
with  the  reg  save  operation  using  a  .hiv  extension. 

/? 

Displays  help  for  reg  restore  at  the  command  prompt. 

Remarks 

•  Before  editing  any  registry  entries,  save  the  parent  subkey  with  the  reg  save  operation.  If  the  edit  fails,  restore 
the  original  subkey  with  the  reg  restore  operation. 

•  The  following  table  lists  the  return  values  for  the  reg  restore  operation. 

VALUE 

DESCRIPTION 

0 

Success 

1 

Failure 

Examples 

To  restore  the  file  named  NTRKBkllp.hiv  into  the  key  HKLM\Software\Microsoft\ResKit,  and  overwrite  the  existing 
contents  of  the  key,  type: 

REG  RESTORE  HKLM\Software\Microsoft\ResKit  NTRKBkUp . hiv 

Additional  references 


Command-Line  Syntax  Key 


reg  save 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Saves  a  copy  of  specified  subkeys,  entries,  and  values  of  the  registry  in  a  specified  file. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

reg  save  <KeyName>  <FileName>  [/y] 

Parameters 


PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey.  For  specifying  remote 
computers,  include  the  computer  name  (in  the  format 
WComputerName)  as  part  of  the  KeyName.  Omitting 
\\ComputerName\  causes  the  operation  to  default  to  the  local 
computer.  The  KeyName  must  include  a  valid  root  key.  Valid 
root  keys  for  the  local  computer  are:  HKLM,  HKCU,  HKCR, 

HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid  root 
keys  are:  HKLM  and  HKU. 

<FileName> 

Specifies  the  name  and  path  of  the  file  that  is  created.  If  no 
path  is  specified,  the  current  path  is  used. 

/y 

Overwrites  an  existing  file  with  the  name  FileName  without 
prompting  for  confirmation. 

/? 

Displays  help  for  reg  save  at  the  command  prompt. 

Remarks  <optional  section > 

•  The  following  table  lists  the  return  values  for  the  reg  save  operation 


VALUE 

DESCRIPTION 

0 

Success 

1 

Failure 

•  Before  editing  any  registry  entries,  save  the  parent  subkey  with  the  reg  save  operation.  If  the  edit  fails,  restore 
the  original  subkey  with  the  reg  restore  operation. 

Examples 


To  save  the  hive  MyApp  into  the  current  folder  as  a  file  named  AppBkUp.hiv,  type: 


REG  SAVE  HKLM\Software\MyCo\MyApp  AppBkllp.hiv 


Additional  references 

Command-Line  Syntax  Key 


reg  unload 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Removes  a  section  of  the  registry  that  was  loaded  using  the  reg  load  operation 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

reg  unload  <KeyName> 

Parameters 


PARAMETER 

DESCRIPTION 

<KeyName> 

Specifies  the  full  path  of  the  subkey  to  be  unloaded.  For 
specifying  remote  computers,  include  the  computer  name  (in 
the  format  WComputerName)  as  part  of  the  KeyName. 
Omitting  \\Computerl\lame\  causes  the  operation  to  default  to 
the  local  computer.  The  KeyName  must  include  a  valid  root 
key.  Valid  root  keys  for  the  local  computer  are  HKLM,  HKCU, 
HKCR,  HKU,  and  HKCC.  If  a  remote  computer  is  specified,  valid 
root  keys  are  HKLM  and  HKU. 

/? 

Displays  help  for  reg  unload  at  the  command  prompt. 

Remarks 

The  following  table  lists  the  return  values  for  the  reg  unload  option 


VALUE 

DESCRIPTION 

0 

Success 

1 

Failure 

Examples 

To  unload  the  hive  TempHive  in  the  file  HKLM,  type: 

REG  UNLOAD  HKLM\TempHive 

Caution 

Do  not  edit  the  registry  directly  unless  you  have  no  alternative.  The  registry  editor  bypasses  standard  safeguards, 
allowing  settings  that  can  degrade  performance,  damage  your  system,  or  even  require  you  to  reinstall  Windows. 
You  can  safely  alter  most  registry  settings  by  using  the  programs  in  Control  Panel  or  Microsoft  Management 
Console  (MMC).  If  you  must  edit  the  registry  directly,  back  it  up  first. 


Additional  references 


Command-Line  Syntax  Key 


regini 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Modifies  the  registry  from  the  command  line  or  a  script,  and  applies  changes  that  were  preset  in  one  or  more  text 
files.  You  can  create,  modify,  or  delete  registry  keys,  in  addition  to  modifying  the  permissions  on  the  registry  keys. 

For  details  on  the  format  and  content  of  the  text  script  file  that  Regini.exe  uses  to  make  changes  to  the  registry,  see 
the  Regini  reference  document  originally  provided  as  part  of  the  Windows  Server  2000  Resource  Kit,  now 
available  at  the  Microsoft  Download  Center  at  https://go.microsoft.com/fwlink/?Linkld  =  201803. 

Syntax 

regini  [-m  Wmachinename  |  -h  hivefile  hiveroot][-i  n]  [-o  outputwidth] [ -b]  textFiles... 

Parameters 


-M  <\\COMPUTERNAME> 

SPECIFIES  THE  REMOTE  COMPUTER  NAME  WITH  A  REGISTRY  THAT 

IS  TO  BE  MODIFIED.  USE  THE  FORMAT  WCOMPUTERNAME. 

-h  < hivefile  hiveroot> 

Specifies  the  local  registry  hive  to  modify.  You  must  specify  the 
name  of  the  hive  file  and  the  root  of  the  hive  in  the  format 

hivefile  hiveroot. 

-i  <n> 

Specifies  the  level  of  indentation  to  use  to  indicate  the  tree 
structure  of  registry  keys  in  the  command  output.  The 
Regdmp.exe  tool  (which  gets  a  registry  key's  current 
permissions  in  binary  format)  uses  indentation  in  multiples  of 
four,  so  the  default  value  is  4. 

-o  <outputwidth> 

Specifies  the  width  of  the  command  output,  in  characters.  If 
the  output  will  appear  in  the  command  window,  the  default 
value  is  the  width  of  the  window.  If  the  output  is  directed  to  a 
file,  the  default  value  is  240  characters. 

-b 

Specifies  that  Regini.exe  output  is  backward  compatible  with 
previous  versions  of  Regini.exe.  See  the  Remarks  section  for 
details. 

textfiles  Specifies  the  name  of  one  or  more  text  files  that  contain 

registry  data.  Any  number  of  ANSI  or  Unicode  text  files  can  be 
listed. 


Remarks 

The  following  guidelines  apply  primarily  to  the  content  of  the  text  files  that  contain  registry  data  that  you  apply  by 
using  Regini.exe. 

•  Use  the  semicolon  as  an  end-of-line  comment  character.  It  must  be  the  first  non-blank  character  in  a  line. 

•  Use  the  backslash  to  indicate  continuation  of  a  line.  The  command  will  ignore  all  characters  from  the  backslash 
up  to  (but  not  including)  the  first  non-blank  character  of  the  next  line.  If  you  include  more  than  one  space  before 
the  backslash,  it  is  replaced  by  a  single  space. 

•  Use  hard-tab  characters  to  control  indentation.  This  indentation  indicates  the  tree  structure  of  the  registry  keys; 
however,  these  characters  are  converted  to  a  single  space  regardless  of  their  position. 


Additional  references 

•  Command-Line  Syntax  Key 


regsvr32 

4/13/2018  •  1  min  to  read  •  EditOnline 

Registers  .dll  files  as  command  components  in  the  registry. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

regsvr32  [/u]  [ /s ]  [/n]  [/i[ :cmdline]]  <DllName> 

Parameters 

PARAMETER 

DESCRIPTION 

/U 

Un registers  server. 

/s 

Runs  Regsvr32  without  displaying  messages. 

/n 

Runs  Regsvr32  without  calling  DIIRegisterServer.  (Requires 
the  /i  parameter.) 

/i:<cmdline> 

Passes  an  optional  command-line  string  ( cmdiine )  to 

Dlllnstall.  If  you  use  this  parameter  in  conjunction  with  the  /u 
parameter,  it  calls  DllUninstall. 

<DIIName> 

The  name  of  the  .dll  file  that  will  be  registered. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  register  the  .dll  for  the  Active  Directory  Schema,  type: 

regsvr32  schmmgmt.dll 

Additional  references 

Command-Line  Syntax  Key 


relog 

4/1 3/2018  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

extracts  performance  counters  from  performance  counter  logs  into  other  formats,  such  as  text-TSV  (for  tab- 
delimited  text),  text-CSV  (for  comma-delimited  text),  binary-BIN,  or  SQL. 

Syntax 

relog  [<FileName>  [<FileName>  ...]]  [/a]  [/c  <path>  [<path>  ...]]  [/cf  <FileName>]  [/f  {bin | csv | tsv | SQL}]  [/t 
<Value>]  [/o  {OutputFile | DSNICounterLog}]  [/b  <M/D/YYYY>  [[<HH>:]  <MM>:]  <SS>]  [/e  <M/D/YYYY>  [ [ <HH> : ]  <MM>:] 
<SS>]  [/config  {<FileName> | i}]  [/q] 

Parameters 

FileName  [FileName ...] 

Specifies  the  pathname  of  an  existing  performance  counter  log.  You  can  specify  multiple  input  files. 

-a 

appends  output  file  instead  of  overwriting.  This  option  does  not  apply  to  SQL  format  where  the  default  is  always  to 
append. 

-c  path  [path ...] 

Specifies  the  performance  counter  path  to  log.  To  specify  multiple  counter  paths,  separate  them  with  a  space  and 
enclose  the  counter  paths  in  quotation  marks  (for  example,  "Counterpath  7  Counterpath2"). 

-cf  FileName 

Specifies  the  pathname  of  the  text  file  that  lists  the  performance  counters  to  be  included  in  a  relog  file.  Use  this 
option  to  list  counter  paths  in  an  input  file,  one  per  line.  Default  setting  is  all  counters  in  the  original  log  file  are 
relogged. 

-f  (bin|  csv|  tsv|  SQL} 

Specifies  the  pathname  of  the  output  file  format.  The  default  format  is  bin.  For  a  SQL  database,  the  output  file 
specifies  the  DSNICounterLog.  You  can  specify  the  database  location  by  using  the  ODBC  manager  to  configure  the 
DSN  (Database  System  Name). 

-t  Value 

Specifies  sample  intervals  in  "/V"  records.  Includes  every  nth  data  point  in  the  relog  file.  Default  is  every  data  point, 
-o  {OutputFile  |  "SQL:DSN!Counter_Log}  where  DSN  is  a  ODMC  DSN  defined  on  the  system.  Note:  For  the  64-bit 
and  32-bit  versions  of  Relog.exe,  you  need  to  define  a  DSN  in  the  ODBC  Data  Source  (64-bit  and  32-bit 
respectively) 

Specifies  the  pathname  of  the  output  file  or  SQL  database  where  the  counters  will  be  written. 

-b  M/D/YYYY  [[  HH:]MM:]SS 

Specifies  begin  time  for  copying  first  record  from  the  input  file,  date  and  time  must  be  in  this  exact  format 
M/D/YYYY HH:MM:SS. 

-e  M/D/YYYY  [[  HH:]MM:]SS 

Specifies  end  time  for  copying  last  record  from  the  input  file,  date  and  time  must  be  in  this  exact  format 
M/D/YYYYHH:MM:SS. 

-config  { FileName  \  /} 

Specifies  the  pathname  of  the  settings  file  that  contains  command-line  parameters.  Use  -<  in  the  configuration  file 
as  a  placeholder  for  a  list  of  input  files  that  can  be  placed  on  the  command  line.  On  the  command  line,  however, 
you  do  not  need  to  use  i.  You  can  also  use  wildcards  such  as  .big  to  specify  many  input  file  names. 


Displays  the  performance  counters  and  time  ranges  of  log  files  specified  in  the  input  file. 

-y 

Bypasses  prompting  by  answering  "yes"  to  all  questions. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

Counter  path  format: 

•  The  general  format  for  counter  paths  is  as  follows:  [\\]  \[/<lnstance#lndex>]  \]  where  the  parent,  instance, 
index,  and  counter  components  of  the  format  may  contain  either  a  valid  name  or  a  wildcard  character.  The 
computer,  parent,  instance,  and  index  components  are  not  necessary  for  all  counters. 

•  You  determine  the  counter  paths  to  use  based  on  the  counter  itself.  For  example,  the  LogicalDisk  object  has  an 
instance ,  so  you  must  provide  the  <#index>  or  a  wildcard.  Therefore,  you  could  use  the  following  format: 
\LogicalDisk(*/*#*)\V 

•  In  comparison,  the  Process  object  does  not  require  an  instance  .  Therefore,  you  could  use  the  following  format: 
\Process(*)\ID  Process 

•  The  following  is  a  list  of  the  possible  formats: 
o  \\\(/<lnstance#lndex>)\ 

o  \\\(/)\ 

o  \\\(<lnstance#lndex>)\ 
o  \\\0\ 
o  \\\\ 

o  \(/<lnstance#lndex>)\ 

°  \(/) 

o  \(<lnstance#lndex>)\ 

°  \0\ 

°  \\ 

•  if  a  wildcard  character  is  specified  in  the  parent  name,  all  instances  of  the  specified  object  that  match  the 
specified  instance  and  counter  fields  will  be  returned. 

•  if  a  wildcard  character  is  specified  in  the  instance  name,  all  instances  of  the  specified  object  and  parent  object 
will  be  returned  if  all  instance  names  corresponding  to  the  specified  index  match  the  wildcard  character. 

•  if  a  wildcard  character  is  specified  in  the  counter  name,  all  counters  of  the  specified  object  are  returned. 

•  Partial  counter  path  string  matches  (for  example,  pro*)  are  not  supported. 

Counter  files: 

•  Counter  files  are  text  files  that  list  one  or  more  of  the  performance  counters  in  the  existing  log.  Copy  the  full 
counter  name  from  the  log  or  the  /q  output  in  [\\\  []  \]  format,  list  one  counter  path  on  each  line, 
copying  counters: 

•  When  executed,  relog  copies  specified  counters  from  every  record  in  the  input  file,  converting  the  format  if 
necessary.  Wildcard  paths  are  allowed  in  the  counter  file. 

Saving  input  file  subsets: 

•  Use  the  /t  parameter  to  specify  that  input  files  are  inserted  into  output  files  at  intervals  of  every  th  record.  By 
default,  data  is  relogged  from  every  record. 

Using  /b  and  /e  parameters  with  log  files 

•  You  can  specify  that  your  output  logs  include  records  from  before  begin-time  (that  is,  /b)  to  provide  data  for 
counters  that  require  computation  values  of  the  formatted  value.  The  output  file  will  have  the  last  records  from 
input  files  with  timestamps  less  than  the  /e  (that  is,  end  time)  parameter. 

Using  the  /config  option: 


The  contents  of  the  setting  file  used  with  the  /config  option  should  have  the  following  format: 
o  [] 

o  Value 

o  where  is  a  command  line  option  and  specifies  its  value.  For  example: 
o  [o] 

o  output.txt 
o  [f] 
o  csv 
o  [t] 
o  5 

for  more  information  about  incorporating  relog  into  your  Windows  Management  Instrumentation 
(WMI)  scripts,  see  "Scripting  WMI"  at  the  Microsoft  Windows  Resource  Kits  Web  site. 

##  Examples 

To  resample  existing  trace  logs  at  fixed  intervals  of  30,  list  counter  paths,  output  files  and  formats: 
relog  c:\perflogs\daily_trace_log.blg  /cf  counter_file.txt  /o  c:\perflogs\reduced_log.csv  /t  30  /f 
To  resample  existing  trace  logs  at  fixed  intervals  of  30,  list  counter  paths  and  output  file: 
relog  c:\perflogs\daily_trace_log.blg  /cf  counter_file.txt  /o  c:\perflogs\reduced_log.blg  /t  30  To 
resample  existing  trace  logs  into  a  database  use: 

relog  "c:\perflogs\daily_trace_log.blg"  -f  sql  -o  "SQL :  sql2016x64odbc  !  counter_log"  ##  additional 
references 


Command-Line  Syntax  Key 


rem 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Records  comments  (remarks)  in  a  batch  file  or  CON  FIG. SYS.  If  no  comment  is  specified,  rem  adds  vertical  spacing. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

rem  [<Comment>] 


Parameters 

PARAMETER  DESCRIPTION 


<Comment> 


Specifies  a  string  of  characters  to  include  as  a  comment. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

•  The  rem  command  does  not  display  comments  on  the  screen.  You  must  use  the  echo  on  command  in  your 
batch  or  CON  FIG. SYS  file  to  display  comments  on  the  screen. 

•  You  cannot  use  a  redirection  character  (<  or  >)  or  pipe  (|)  in  a  batch  file  comment. 

•  Although  you  can  use  rem  without  a  comment  to  add  vertical  spacing  to  a  batch  file,  you  can  also  use  blank 
lines.  Blank  lines  are  ignored  when  a  batch  program  is  processed. 

Examples 

The  following  example  shows  a  batch  file  that  uses  remarks  for  comments  and  for  vertical  spacing: 

@echo  off 

rem  This  batch  program  formats  and  checks  new  disks. 

rem  It  is  named  Checknew.bat. 

rem 

rem  echo  Insert  new  disk  in  Drive  B. 
pause 

format  b:  /v  chkdsk  b: 


To  include  an  explanatory  comment  before  the  prompt  command  in  your  CONFIG.SYS  file,  add  the  following 
lines  to  CONFIG.SYS: 


rem  Set  prompt  to  indicate  current  directory 
prompt  $p$g 


Additional  references 

Command-Line  Syntax  Key 


ren 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Renames  files  or  directories.  This  command  is  the  same  as  the  rename  command. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

ren  [<Drive> : ] [<Path>]<FileNamel>  <FileName2> 
rename  [<Drive> :  ]  [<Path>]<FileNamel>  <Filel\lame2> 


Parameters 

PARAMETER  DESCRIPTION 


[<  Drive> :][]  Specifies  the  location  and  name  of  the  file  or  set  of  files  you 

want  to  rename.  FileNamel  can  include  wildcard  characters  (* 
and  ?). 


<FileName2>  Specifies  the  new  name  for  the  file.  You  can  use  wildcard 

characters  to  specify  new  names  for  multiple  files. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  You  cannot  specify  a  new  drive  or  path  when  renaming  files. 

•  You  cannot  use  the  ren  command  to  rename  files  across  drives  or  to  move  files  to  a  different  directory. 

•  You  can  use  wildcard  characters  (*  and  ?)  in  either  FileName  parameter.  Characters  that  are  represented  by 
wildcard  characters  in  FileName2  will  be  identical  to  the  corresponding  characters  in  FileNamel. 

•  FileName2  must  be  a  unique  file  name.  If  FileName2  matches  an  existing  file  name,  ren  displays  the  following 
message: 

Duplicate  file  name  or  file  not  found 


Examples 

To  change  all  the  .txt  file  name  extensions  in  the  current  directory  to  .doc  extensions,  type: 

ren  *.txt  *.doc 

To  change  the  name  of  a  directory  from  Chapl  0  to  Parti  0,  type: 

ren  chapl@  partl0 

Additional  references 

Command-Line  Syntax  Key 


rename 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


This  is  the  same  as  the  ren  command.  See  ren  for  syntax  and  parameters. 

additional  references 

•  Command-Line  Syntax  Key 


repair-bde 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Accesses  encrypted  data  on  a  severely  damaged  hard  disk  if  the  drive  was  encrypted  by  using  BitLocker.  Repair- 
bde  can  reconstruct  critical  parts  of  the  drive  and  salvage  recoverable  data  as  long  as  a  valid  recovery  password  or 
recovery  key  is  used  to  decrypt  the  data.  If  the  BitLocker  metadata  data  on  the  drive  has  become  corrupt,  you  must 
be  able  to  supply  a  backup  key  package  in  addition  to  the  recovery  password  or  recovery  key.  This  key  package  is 
backed  up  in  Active  Directory  Domain  Services  (AD  DS)  if  you  used  the  default  setting  for  AD  DS  backup.  With 
this  key  package  and  either  the  recovery  password  or  recovery  key,  you  can  decrypt  portions  of  a  BitLocker- 
protected  drive  if  the  disk  is  corrupted.  Each  key  package  will  work  only  for  a  drive  that  has  the  corresponding  drive 
identifier.  You  can  use  the  BitLocker  Recovery  Password  Viewer  for  Active  Directory  to  obtain  this  key  package 
from  AD  DS. 


NOTE 

The  BitLocker  Recovery  Password  Viewer  is  included  as  one  of  the  optional  management  features  installable  using  Server 
Manage  on  Windows  Server  2012. 


The  following  limitations  exist  for  the  Repair-bde  command-line  tool: 

•  Repair-bde  cannot  repair  a  drive  that  failed  during  the  encryption  or  decryption  process. 

•  Repair-bde  assumes  that  if  the  drive  has  any  encryption,  then  the  drive  has  been  fully  encrypted. 

For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

repair-bde  <InputVolume>  <OutputVolumeorImage>  [-rk]  [ — rp ]  [-pw]  [ — kp ]  [-If]  [-f]  [{-?|/?}] 


Parameters 

PARAMETER  DESCRIPTION 

<  lnputVolume>  Identifies  the  drive  letter  of  the  BitLocker-encrypted  drive  that 

you  want  to  repair.  The  drive  letter  must  include  a  colon;  for 
example:  C:. 


<OutputVolumeorlmage>  Identifies  the  drive  on  which  to  store  the  content  of  the 

repaired  drive.  All  information  on  the  output  drive  will  be 
overwritten. 


-rk  Identifies  the  location  of  the  recovery  key  that  should  be  used 

to  unlock  the  volume.  This  command  may  also  be  specified  as 

-recoverykey. 


-rp 


Identifies  the  numerical  recovery  password  that  should  be 
used  to  unlock  the  volume.  This  command  may  also  be 
specified  as  -recoverypassword. 


PARAMETER 


DESCRIPTION 


-pw  Identifies  the  password  that  should  be  used  to  unlock  the 

volume.  This  command  may  also  be  specified  as  -password 


-kp  Identifies  the  recovery  key  package  that  can  be  used  to  unlock 

the  volume.  This  command  may  also  be  specified  as  - 

keypackage. 


-If  Specifies  the  path  to  the  file  that  will  store  Repair-bde  error, 

warning,  and  information  messages.  This  command  may  also 
be  specified  as  -logfile. 


-f  Forces  a  volume  to  be  dismounted  even  if  it  cannot  be  locked. 

This  command  may  also  be  specified  as  -force. 

-?  or  /?  Displays  Help  at  the  command  prompt. 

Remarks 

If  the  path  to  a  key  package  is  not  specified,  repair-bde  will  search  the  drive  for  a  key  package.  However,  if  the  hard 
drive  has  been  damaged,  repair-bde  may  not  be  able  to  find  the  package  and  will  prompt  you  to  provide  the  path. 

Examples 

The  following  example  attempts  to  repair  drive  C  and  write  the  content  from  drive  C  to  drive  D  by  using  the 
recovery  key  file  (RecoveryKey.bek)  stored  on  drive  F  and  writes  the  results  of  this  attempt  to  the  log  file  (log.txt) 
on  drive  Z. 

repair-bde  C:  D:  -rk  F:\RecoveryKey.bek  -If  Z:\log.txt 

The  following  example  attempts  to  repair  drive  C  and  write  the  content  on  drive  C  to  drive  D  by  using  the  48-digit 
recovery  password  specified.  The  recovery  password  should  be  typed  in  eight  blocks  of  six  digits  with  a  hyphen 
separating  each  block. 

repair-bde  C:  D:  -rp  111111-222222-333333-444444-555555-666666-777777-888888 

The  following  example  forces  drive  C  to  be  dismounted  and  then  attempts  to  repair  drive  C  and  write  the  content 
on  drive  C  to  drive  D  by  using  the  recovery  key  package  and  recovery  key  file  (RecoveryKey.bek)  stored  on  drive  F. 

repair-bde  C:  D:  -kp  F:\RecoveryKeyPackage  -rk  F:\RecoveryKey.bek  -f 

The  following  example  attempts  to  repair  drive  C  and  write  the  content  from  drive  C  to  drive  D  and  you  must  type 
a  password  to  unlock  drive  C:  when  prompted: 

repair-bde  C:  D:  -pw 

Additional  references 

•  Command-Line  Syntax  Key 


replace 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Replaces  files.  If  used  with  the  /a  option,  replace  adds  new  files  to  a  directory  instead  of  replacing  existing  files. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

replace  [<Drivel> : ] [<Pathl>]<FileName>  [<Drive2> : ] [<Path2>]  [/a]  [ /p ]  [/r]  [ /w] 
replace  [<Drivel> :  ]  [<Pathl>]<FilelMame>  [<Drive2> :  ]  [<Path2>]  [/p]  [/r]  [/s]  [/w]  [ /u ] 


Parameters 

PARAMETER  DESCRIPTION 


[<  Drivel  >:][] 

Specifies  the  location  and  name  of  the  source  file  or  set  of  files. 
FileName  is  required,  and  can  include  wildcard  characters  (* 
and  ?). 

[<Drive2>:][] 

Specifies  the  location  of  the  destination  file.  You  cannot  specify 
a  file  name  for  files  you  replace.  If  you  do  not  specify  a  drive  or 
path,  replace  uses  the  current  drive  and  directory  as  the 
destination. 

/a 

Adds  new  files  to  the  destination  directory  instead  of  replacing 
existing  files.  You  cannot  use  this  command-line  option  with 
the  /s  or  /u  command-line  option. 

/P 

Prompts  you  for  confirmation  before  replacing  a  destination 
file  or  adding  a  source  file. 

/r 

Replaces  Read-only  and  unprotected  files.  If  you  attempt  to 
replace  a  Read-only  file,  but  you  do  not  specify  /r,  an  error 
results  and  stops  the  replacement  operation. 

/w 

Waits  for  you  to  insert  a  disk  before  the  search  for  source  files 
begins.  If  you  do  not  specify  /w,  replace  begins  replacing  or 
adding  files  immediately  after  you  press  ENTER. 

/s 

Searches  all  subdirectories  in  the  destination  directory  and 
replaces  matching  files.  You  cannot  use  /s  with  the  /a 
command-line  option.  The  replace  command  does  not  search 
subdirectories  that  are  specified  in  Path! . 

/u 

Replaces  only  those  files  on  the  destination  directory  that  are 
older  than  those  in  the  source  directory.  You  cannot  use  /u 
with  the  /a  command-line  option. 

/? 


Displays  help  at  the  command  prompt. 


Remarks 


•  As  replace  adds  or  replaces  files,  the  file  names  are  displayed  on  the  screen.  After  replace  is  finished,  a 
summary  line  is  displayed  in  one  of  the  following  formats: 

nnn  files  added  nnn  files  replaced  no  file  added  no  file  replaced 

•  If  you  are  using  floppy  disks  and  you  need  to  switch  disks  during  the  replace  operation,  you  can  specify  the  /w 
command-line  option  so  that  replace  will  wait  for  you  to  switch  the  disks. 

•  You  cannot  use  replace  to  update  hidden  files  or  system  files. 

•  The  following  table  shows  each  exit  code  and  a  brief  description  of  its  meaning: 

| Exit  code|Description|  |— . -| . |  |0|The  replace  command  successfully  replaced  or  added  the  files. | 

1 1  |The  replace  command  encountered  an  incorrect  version  of  MS-DOS. |  |2|The  replace  command  could  not 
find  the  source  files.]  |3|The  replace  command  could  not  find  the  source  or  destination  path.|  |5|The  user  does 
not  have  access  to  the  files  that  you  want  to  replace.|  |8|There  is  insufficient  system  memory  to  carry  out  the 
command. |  |1 1  |The  user  used  the  wrong  syntax  on  the  command  line.| 


NOTE 

You  can  use  the  ERRORLEVEL  parameter  on  the  if  command  line  in  a  batch  program  to  process  exit  codes  that  are  returned 

by  replace. 


Examples 

To  update  all  the  versions  of  a  file  named  Phones.cli  (which  appear  in  multiple  directories  on  drive  C),  with  the 
latest  version  of  the  Phones.cli  file  from  a  floppy  disk  in  drive  A,  type: 

replace  a:\phones.cli  c:\  /s 

Additional  references 


Command-Line  Syntax  Key 


reset  session 

10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  2016,  Windows  Server  2012  R2, 
Windows  Server  2012 

Enables  you  to  reset  (delete)  a  session  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server, 
for  examples  of  how  to  use  this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 


reset  session  {<SessionName> 

<SessionID>}  [/server : <ServerName>]  [/v] 

Parameters 

PARAMETER 

DESCRIPTION 

Specifies  the  name  of  the  session  that  you  want  to  reset.  To 
determine  the  name  of  the  session,  use  the  query  session 
command. 

Specifies  the  ID  of  the  session  to  reset. 

/server: 

Specifies  the  terminal  server  containing  the  session  that  you 
want  to  reset.  Otherwise,  the  current  rd  Session  Host  server  is 
used. 

/v 

Displays  information  about  the  actions  being  performed. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  You  can  always  reset  your  own  sessions,  but  you  must  have  Full  Control  access  permission  to  reset  another  user's  session. 

•  Be  aware  that  resetting  a  user's  session  without  warning  the  user  can  result  in  the  loss  of  data  at  the  session. 

•  You  should  reset  a  session  only  when  it  malfunctions  or  appears  to  have  stopped  responding. 

•  The  /server  parameter  is  required  only  if  you  use  reset  session  from  a  remote  server. 

##  Examples 

•  To  reset  the  session  designated  rdp-tcp#6,  type: 

reset  session  rdp-tcp#6 

•  To  reset  the  session  that  uses  session  ID  3,  type: 

reset  session  3 
####  additional  references 
Command- Line  Syntax  Key 

remote  Desktop  Services  (Terminal  Services)  Command  Reference 


rexec 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Rexec  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  Rexec. 


risetup 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


The  risetup  command  is  deprecated  in  Windows  Server®  2008  and  Windows  Server  2008  R2. 


rmdir 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


This  command  is  the  same  as  the  rd  command.  See  Rd  for  syntax  and  parameters. 


robocopy 

4/13/2018  •  6  min  to  read  •  EditOnline 

Copies  file  data. 

Syntax 

robocopy  <Source>  <Destination>  [<File>[  ...]] 

[<0ptions>] 

Parameters 

PARAMETER 

DESCRIPTION 

<Source> 

Specifies  the  path  to  the  source  directory. 

<  Destination  > 

Specifies  the  path  to  the  destination  directory. 

<File> 

Specifies  the  file  or  files  to  be  copied.  You  can  use  wildcard 
characters  (*  or  ?),  if  you  want.  If  the  File  parameter  is  not 
specified,  *.\*  is  used  as  the  default  value. 

<Options> 

Specifies  options  to  be  used  with  the  robocopy  command. 

Copy  options 

OPTION 

DESCRIPTION 

/S 

Copies  subdirectories.  Note  that  this  option  excludes  empty 
directories. 

/e 

Copies  subdirectories.  Note  that  this  option  includes  empty 
directories.  For  additional  information,  see  Remarks. 

/lev:<N> 

Copies  only  the  top  N  levels  of  the  source  directory  tree. 

/z 

Copies  files  in  Restart  mode. 

/b 

Copies  files  in  Backup  mode. 

/zb 

Uses  Restart  mode.  If  access  is  denied,  this  option  uses  Backup 
mode. 

/efsraw 

Copies  all  encrypted  files  in  EFS  RAW  mode. 

OPTION 


DESCRIPTION 


/copy:<CopyFlags> 

Specifies  the  file  properties  to  be  copied.  The  following  are  the 
valid  values  for  this  option: 

D  Data 

A  Attributes 

T  Time  stamps 

S  NTFS  access  control  list  (ACL) 

O  Owner  information 

U  Auditing  information 

The  default  value  for  CopyFlags  is  DAT  (data,  attributes,  and 
time  stamps). 

/dcopy:T 

Copies  directory  time  stamps. 

/sec 

Copies  files  with  security  (equivalent  to  /copy:DAT). 

/copyall 

Copies  all  file  information  (equivalent  to  /copy:DATSOU). 

/nocopy 

Copies  no  file  information  (useful  with  /purge). 

/secfix 

Fixes  file  security  on  all  files,  even  skipped  ones. 

/timfix 

Fixes  file  times  on  all  files,  even  skipped  ones. 

/purge 

Deletes  destination  files  and  directories  that  no  longer  exist  in 
the  source.  For  additional  information,  see  Remarks. 

/mir 

Mirrors  a  directory  tree  (equivalent  to  /e  plus  /purge).  For 
additional  information,  see  Remarks. 

/mov 

Moves  files,  and  deletes  them  from  the  source  after  they  are 
copied. 

/move 

Moves  files  and  directories,  and  deletes  them  from  the  source 
after  they  are  copied. 

/a  +  :[RASHCNET] 

Adds  the  specified  attributes  to  copied  files. 

/a-:[RASHCNET] 

Removes  the  specified  attributes  from  copied  files. 

/create 

Creates  a  directory  tree  and  zero-length  files  only. 

/fat 

Creates  destination  files  by  using  8.3  character- length  FAT  file 
names  only. 

/256 

Turns  off  support  for  very  long  paths  (longer  than  256 
characters). 

/mon:<N> 

Monitors  the  source,  and  runs  again  when  more  than  N 
changes  are  detected. 

/mot:<M> 

Monitors  source,  and  runs  again  in  M  minutes  if  changes  are 
detected. 

OPTION 


DESCRIPTION 


/MT[:N] 

Creates  multi-threaded  copies  with  N  threads.  N  must  be  an 
integer  between  1  and  128.  The  default  value  for  N  is  8. 

The  /MT  parameter  cannot  be  used  with  the  /IPG  and 
/EFSRAW  parameters. 

Redirect  output  using  /LOG  option  for  better  performance. 

Note:  The  /MT  parameter  applies  to  Windows  Server  2008  R2 
and  Windows  7. 

/rh:hhmm-hhmm 

Specifies  run  times  when  new  copies  may  be  started. 

/Pf 

Checks  run  times  on  a  per-file  (not  per-pass)  basis. 

/ipg:n 

Specifies  the  inter-packet  gap  to  free  bandwidth  on  slow  lines. 

/si 

Copies  the  symbolic  link  instead  of  the  target. 

IMPORTANT 

When  using  the  /SECFIX  copy  option,  specify  the  type  of  security  information  you  want  to  copy  by  also  using  one  of  these 
additional  copy  options: 

>  -  /COPYALL 

>  -  /C0PY:0 

>  /COPY:S 

>  -  /COPY:U 

>  - /SEC 


File  selection  options 

OPTION 

DESCRIPTION 

/a 

Copies  only  files  for  which  the  Archive  attribute  is  set. 

/m 

Copies  only  files  for  which  the  Archive  attribute  is  set,  and 
resets  the  Archive  attribute. 

/ia:[RASHCNETO] 

Includes  only  files  for  which  any  of  the  specified  attributes  are 
set. 

/xa:[RASHCNETO] 

Excludes  files  for  which  any  of  the  specified  attributes  are  set. 

/xf  <FileName>[ ...] 

Excludes  files  that  match  the  specified  names  or  paths.  Note 
that  FileName  can  include  wildcard  characters  (*  and  ?). 

/xd  <  Directory  >[ ...] 

Excludes  directories  that  match  the  specified  names  and  paths. 

/xct 

Excludes  changed  files. 

/xn 

Excludes  newer  files. 

/xo 

Excludes  older  files. 

/xx 

Excludes  extra  files  and  directories. 

OPTION 


DESCRIPTION 


/xl 

Excludes  "lonely"  files  and  directories. 

/is 

Includes  the  same  files. 

/it 

Includes  "tweaked"  files. 

/max:<N> 

Specifies  the  maximum  file  size  (to  exclude  files  bigger  than  N 
bytes). 

/min:<N> 

Specifies  the  minimum  file  size  (to  exclude  files  smaller  than  N 
bytes). 

/maxage:<N> 

Specifies  the  maximum  file  age  (to  exclude  files  older  than  N 
days  or  date). 

/minage:<N> 

Specifies  the  minimum  file  age  (exclude  files  newer  than  N 
days  or  date). 

/maxlad:<N> 

Specifies  the  maximum  last  access  date  (excludes  files  unused 
since  N). 

/minlad:<N> 

Specifies  the  minimum  last  access  date  (excludes  files  used 
since  N)  If  N  is  less  than  1 900,  N  specifies  the  number  of  days. 
Otherwise,  N  specifies  a  date  in  the  format  YYYYMMDD. 

/xj 

Excludes  junction  points,  which  are  normally  included  by 
default. 

/fft 

Assumes  FAT  file  times  (two-second  precision). 

/dst 

Compensates  for  one-hour  DST  time  differences. 

/xjd 

Excludes  junction  points  for  directories. 

/xjf 

Excludes  junction  points  for  files. 

Retry  options 

OPTION 

DESCRIPTION 

/r:<N> 

Specifies  the  number  of  retries  on  failed  copies.  The  default 
value  of  N  is  1,000,000  (one  million  retries). 

/w:<N> 

Specifies  the  wait  time  between  retries,  in  seconds.  The  default 
value  of  N  is  30  (wait  time  30  seconds). 

/reg 

Saves  the  values  specified  in  the  /r  and  /w  options  as  default 
settings  in  the  registry. 

/tbd 

Specifies  that  the  system  will  wait  for  share  names  to  be 
defined  (retry  error  67). 

Logging  options 

OPTION 


DESCRIPTION 


/I 

Specifies  that  files  are  to  be  listed  only  (and  not  copied, 
deleted,  or  time  stamped). 

/X 

Reports  all  extra  files,  not  just  those  that  are  selected. 

/V 

Produces  verbose  output,  and  shows  all  skipped  files. 

As 

Includes  source  file  time  stamps  in  the  output. 

AP 

Includes  the  full  path  names  of  the  files  in  the  output. 

/bytes 

Prints  sizes,  as  bytes. 

/ns 

Specifies  that  file  sizes  are  not  to  be  logged. 

/nc 

Specifies  that  file  classes  are  not  to  be  logged. 

/nfl 

Specifies  that  file  names  are  not  to  be  logged. 

/ndl 

Specifies  that  directory  names  are  not  to  be  logged. 

/np 

Specifies  that  the  progress  of  the  copying  operation  (the 
number  of  files  or  directories  copied  so  far)  will  not  be 
displayed. 

/eta 

Shows  the  estimated  time  of  arrival  (ETA)  of  the  copied  files. 

/log:<LogFile> 

Writes  the  status  output  to  the  log  file  (overwrites  the  existing 
log  file). 

/log+:<LogFile> 

Writes  the  status  output  to  the  log  file  (appends  the  output  to 
the  existing  log  file). 

/Unicode 

Displays  the  status  output  as  Unicode  text. 

/unilog:<LogFile> 

Writes  the  status  output  to  the  log  file  as  Unicode  text 
(overwrites  the  existing  log  file). 

/unilog+:<LogFile> 

Writes  the  status  output  to  the  log  file  as  Unicode  text 
(appends  the  output  to  the  existing  log  file). 

/tee 

Writes  the  status  output  to  the  console  window,  as  well  as  to 
the  log  file. 

/njh 

Specifies  that  there  is  no  job  header. 

/njs 

Specifies  that  there  is  no  job  summary. 

Job  options 


OPTION 


DESCRIPTION 


/job:<JobName> 

Specifies  that  parameters  are  to  be  derived  from  the  named 
job  file. 

/save:<JobName> 

Specifies  that  parameters  are  to  be  saved  to  the  named  job 
file. 

/quit 

Quits  after  processing  command  line  (to  view  parameters). 

/nosd 

Indicates  that  no  source  directory  is  specified. 

/nodd 

Indicates  that  no  destination  directory  is  specified. 

/if 

Includes  the  specified  files. 

Remarks 

•  The  /mir  option  is  equivalent  to  the  /e  plus  /purge  options  with  one  small  difference  in  behavior: 
o  With  the  /e  plus  /purge  options,  if  the  destination  directory  exists,  the  destination  directory  security 
settings  are  not  overwritten. 

o  With  the  /mir  option,  if  the  destination  directory  exists,  the  destination  directory  security  settings  are 
overwritten. 

Additional  references 

Command-Line  Syntax  Key 


route_ws2008 

1 0/1 7/2017  •  6  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  and  modifies  the  entries  in  the  local  IP  routing  table.  Used  without  parameters,  route  displays  help. 

Syntax 

route  [/f]  [/p]  [<Command>  [<Destination>]  [mask  <Netmask>]  [<Gateway>]  [metric  <Metric>]]  [if  <Interface>] ] 


Parameters 

PARAMETER 

DESCRIPTION 

/f 

Clears  the  routing  table  of  all  entries  that  are  not  host  routes 
(routes  with  a  netmask  of  255.255.255.255),  the  loopback 
network  route  (routes  with  a  destination  of  1 27.0.0.0  and  a 
netmask  of  255.0.0.0),  or  a  multicast  route  (routes  with  a 
destination  of  224.0.0.0  and  a  netmask  of  240.0.0.0).  If  this  is 
used  in  conjunction  with  one  of  the  commands  (such  as  add, 
change,  or  delete),  the  table  is  cleared  prior  to  running  the 
command. 

/P 

When  used  with  the  add  command,  the  specified  route  is 
added  to  the  registry  and  is  used  to  initialize  the  IP  routing 
table  whenever  the  TCP/IP  protocol  is  started.  By  default, 
added  routes  are  not  preserved  when  the  TCP/IP  protocol  is 
started.  When  used  with  the  print  command,  the  list  of 
persistent  routes  is  displayed.  This  parameter  is  ignored  for  all 
other  commands.  Persistent  routes  are  stored  in  the  registry 
location 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servi 

ces\Tcpip\Parameters\PersistentRoutes. 

Specifies  the  command  you  want  to  run.  The  following  table 
lists  valid  commands: 

-  add:  adds  a  route. 

-  change:  modifies  an  existing  route. 

-  delete:  deletes  a  route  or  routes. 

-  print:  prints  a  route  or  routes. 

Specifies  the  network  destination  of  the  route.  The  destination 
can  be  an  IP  network  address  (where  the  host  bits  of  the 
network  address  are  set  to  0),  an  IP  address  for  a  host  route, 
or  0. 0.0.0  for  the  default  route. 

mask 

Specifies  the  network  destination  of  the  route.  The  destination 
can  be  an  IP  network  address  (where  the  host  bits  of  the 
network  address  are  set  to  0),  an  IP  address  for  a  host  route, 
or  0. 0.0.0  for  the  default  route. 

PARAMETER 


DESCRIPTION 


Specifies  the  forwarding  or  next  hop  IP  address  over  which  the 
set  of  addresses  defined  by  the  network  destination  and 
subnet  mask  are  reachable.  For  locally  attached  subnet  routes, 
the  gateway  address  is  the  IP  address  assigned  to  the 
interface  that  is  attached  to  the  subnet.  For  remote  routes, 
available  across  one  or  more  routers,  the  gateway  address  is  a 
directly  reachable  IP  address  that  is  assigned  to  a  neighboring 
router. 


metric  Specifies  an  integer  cost  metric  (ranging  from  1  to  9999)  for 

the  route,  which  is  used  when  choosing  among  multiple 
routes  in  the  routing  table  that  most  closely  match  the 
destination  address  of  a  packet  being  forwarded.  The  route 
with  the  lowest  metric  is  chosen.  The  metric  can  reflect  the 
number  of  hops,  the  speed  of  the  path,  path  reliability,  path 
throughput,  or  administrative  properties. 


if  Specifies  the  interface  index  for  the  interface  over  which  the 

destination  is  reachable.  For  a  list  of  interfaces  and  their 
corresponding  interface  indexes,  use  the  display  of  the  route 
print  command.  You  can  use  either  decimal  or  hexadecimal 
values  for  the  interface  index.  For  hexadecimal  values,  precede 
the  hexadecimal  number  with  Ox.  When  the  if  parameter  is 
omitted,  the  interface  is  determined  from  the  gateway 
address. 


/?  Displays  help  at  the  command  prompt. 

remarks 

•  Large  values  in  the  metric  column  of  the  routing  table  are  the  result  of  allowing  TCP/IP  to  automatically 
determine  the  metric  for  routes  in  the  routing  table  based  on  the  configuration  of  IP  address,  subnet  mask,  and 
default  gateway  for  each  LAN  interface.  Automatic  determination  of  the  interface  metric,  enabled  by  default, 
determines  the  speed  of  each  interface  and  adjusts  the  metrics  of  routes  for  each  interface  so  that  the  fastest 
interface  creates  the  routes  with  the  lowest  metric.  To  remove  the  large  metrics,  disable  the  automatic 
determination  of  the  interface  metric  from  the  advanced  properties  of  the  TCP/IP  protocol  for  each  LAN 
connection. 

•  Names  can  be  used  for  Destination  if  an  appropriate  entry  exists  in  the  local  Networks  file  stored  in  the 
systemroot\System32\Drivers\Etc  folder.  Names  can  be  used  for  the  gateway  as  long  as  they  can  be  resolved 
to  an  IP  address  through  standard  host  name  resolution  techniques  such  as  Domain  Name  System  (DNS) 
queries,  use  of  the  local  Hosts  file  stored  in  the  systemroot\system32\drivers\etc  folder,  and  NetBIOS  name 
resolution. 

•  if  the  command  is  print  or  delete,  the  Gateway  parameter  can  be  omitted  and  wildcards  can  be  used  for  the 
destination  and  gateway.  The  Destination  value  can  be  a  wildcard  value  specified  by  an  asterisk  (*).  If  the 
destination  specified  contains  an  asterisk  (*)  or  a  question  mark  (?),  it  is  treated  as  a  wildcard  and  only  matching 
destination  routes  are  printed  or  deleted.  The  asterisk  matches  any  string,  and  the  question  mark  matches  any 
single  character.  For  example,  10.*.1, 1 92.1 68.*,  1 27.*,  and  *224*  are  all  valid  uses  of  the  asterisk  wildcard. 

•  Using  an  invalid  combination  of  a  destination  and  subnet  mask  (netmask)  value  displays  a  "Route:  bad  gateway 
address  netmask"  error  message.  This  error  message  appears  when  the  destination  contains  one  or  more  bits 
set  to  1  in  bit  locations  where  the  corresponding  subnet  mask  bit  is  set  to  0.  To  test  this  condition,  express  the 
destination  and  subnet  mask  using  binary  notation.  The  subnet  mask  in  binary  notation  consists  of  a  series  of  1 
bits,  representing  the  network  address  portion  of  the  destination,  and  a  series  of  0  bits,  representing  the  host 
address  portion  of  the  destination.  Check  to  determine  whether  there  are  bits  in  the  destination  that  are  set  to  1 


for  the  portion  of  the  destination  that  is  the  host  address  (as  defined  by  the  subnet  mask). 

The  /p  parameter  is  only  supported  on  the  route  command  for  Windows  NT  4.0,  Windows  2000,  Windows 
Millennium  edition,  Windows  XP,  and  Windows  Server  2003.  This  parameter  is  not  supported  by  the  route 
command  for  Windows  95  or  Windows  98. 

This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in  the 
properties  of  a  network  adapter  in  Network  Connections. 

##  Examples 

To  display  the  entire  contents  of  the  IP  routing  table,  type: 
route  print 

To  display  the  routes  in  the  IP  routing  table  that  begin  with  1 0,  type: 
route  print  10.* 

To  add  a  default  route  with  the  default  gateway  address  of  1 92.1 68.1 2.1 ,  type: 
route  add  0.0. 0.0  mask  0.0. 0.0  192.168.12.1 

To  add  a  route  to  the  destination  1 0.41 .0.0  with  the  subnet  mask  of  255.255.0.0  and  the  next  hop  address  of 
10.27.0.1,  type: 

route  add  10.41.0.0  mask  255.255.0.0  10.27.0.1 

To  add  a  persistent  route  to  the  destination  1 0.41 .0.0  with  the  subnet  mask  of  255.255.0.0  and  the  next  hop 
address  of  1 0.27.0.1 ,  type: 
route  /p  add  10.41.0.0  mask  255.255.0.0  10.27.0.1 

To  add  a  route  to  the  destination  1 0.41 .0.0  with  the  subnet  mask  of  255.255.0.0,  the  next  hop  address  of 
1 0.27.0.1 ,  and  the  cost  metric  of  7,  type: 
route  add  10.41.0.0  mask  255.255.0.0  10.27.0.1  metric  7 

To  add  a  route  to  the  destination  1 0.41 .0.0  with  the  subnet  mask  of  255.255.0.0,  the  next  hop  address  of 
1 0.27.0.1 ,  and  using  the  interface  index  0x3,  type: 
route  add  10.41.0.0  mask  255.255.0.0  10.27.0.1  if  0x3 

To  delete  the  route  to  the  destination  10.41 .0.0  with  the  subnet  mask  of  255.255.0.0,  type: 
route  delete  10.41.0.0  mask  255.255.0.0 

To  delete  all  routes  in  the  I P  routing  table  that  begin  with  1 0,  type: 
route  delete  10.* 

To  change  the  next  hop  address  of  the  route  with  the  destination  of  1 0.41 .0.0  and  the  subnet  mask  of 
255.255.0.0  from  10.27.0.1  to  1 0.27.0.25,  type: 

route  change  10.41.0.0  mask  255.255.0.0  10.27.0.25 
##  additional  references 
Command-Line  Syntax  Key 


rpcinfo 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

lists  programs  on  remote  computers.  The  rpcinfo  command-line  utility  makes  a  remote  procedure  call  (RPC)  to  an 
RPC  server  and  reports  what  it  finds. 

Syntax 

rpcinfo  [/p  [<Node>]]  [/b  <Program  version)]  [/t  <Node  Program)  [<version>]]  [/u  <Node  Program)  [eversion)]] 

Parameters 


PARAMETER 

DESCRIPTION 

/P  □ 

lists  all  programs  registered  with  the  port  mapper  on  the 
specified  host.  If  you  do  not  specify  a  node  (computer)  name, 
the  program  queries  the  port  mapper  on  the  local  host. 

/b 

Requests  a  response  from  all  network  nodes  that  have  the 
specified  program  and  version  registered  with  the  port 
mapper.  You  must  specify  both  a  program  name  or  number 
and  a  version  number. 

AD 

Uses  the  TCP  transport  protocol  to  call  the  specified  program. 
You  must  specify  both  a  node  (computer)  name  and  a 
program  name.  If  you  do  not  specify  a  version,  the  program 
calls  all  versions. 

/u  0 

Uses  the  UDP  transport  protocol  to  call  the  specified  program. 
You  must  specify  both  a  node  (computer)  name  and  a 
program  name.  If  you  do  not  specify  a  version,  the  program 
calls  all  versions. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  list  all  programs  registered  with  the  port  mapper,  type: 
rpcinfo  /p  [<Node>] 

To  request  a  response  from  network  nodes  that  have  a  specified  program,  type: 

rpcinfo  /b  eProgram  version) 


To  use  Transmission  Control  Protocol  (TCP)  to  call  a  program,  type: 


rpcinfo  /t  <Node  Program>  [<version>] 


Use  User  Datagram  Protocol  (UDP)  to  call  a  program: 


rpcinfo  /u  <Node  Program>  [<version>] 


additional  references 

•  Command-Line  Syntax  Key 


rpcping 

2/27/2018  •  6  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Confirms  the  RPC  connectivity  between  the  computer  running  Microsoft  Exchange  Server  and  any  of  the 
supported  Microsoft  Exchange  Client  workstations  on  the  network.  This  utility  can  be  used  to  check  if  the  Microsoft 
Exchange  Server  services  are  responding  to  RPC  requests  from  the  client  workstations  via  the  network. 

Syntax 

rpcping  [/t  <protseq>]  [/s  <server_addr>]  [/e  <endpoint> 

|/f  cinterface  UUID>[ ,Majorver] ]  [/0  -(Interface  Object  UUID] 

[/i  <#_iterations>]  [/u  <security_package_id>]  [/a  <authn_level>] 

[/N  <server_princ_name>]  [/I  <auth_identity>]  [/C  <capabilities>] 

[/T  <identity_tracking>]  [ /M  <impersonation_type>] 

[/S  <server_sid>]  [/P  <proxy_auth_identity>]  [/F  <RPCHTTP_flags>] 

[/H  <RPC/HTTP_authn_schemes>]  [/o  <binding_options>] 

[/B  <server_certificate_subject>]  [ /b ]  [ /E ]  [/q]  [/c] 

[/A  <http_proxy_auth_identity>]  [/U  <HTTP_proxy_authn_schemes>] 

[/r  <report_results_interval>]  [/v  <verbose_level>]  [/d] 


Parameters 

PARAMETER  DESCRIPTION 

/t  Specifies  the  protocol  sequence  to  use.  Can  be  one  of  the 

standard  RPC  protocol  sequences,  for  example:  ncacn_ip_tcp, 
ncacn_np,  or  ncacn_http. 

if  not  specified,  default  is  ncacn_ip_tcp. 


/s  <server_addr> 


Specifies  the  server  address.  If  not  specified,  the  local  machine 
will  be  pinged. 


/e  Specifies  the  endpoint  to  ping.  If  none  is  specified,  the 

endpoint  mapper  on  the  target  machine  will  be  pinged. 

This  option  is  mutually  exclusive  with  the  interface  (/f)  option. 


/o  <binding_options> 


Specifies  the  binding  options  for  the  RPC  ping. 


/f  [,Majorver]  Specifies  the  interface  to  ping.  This  option  is  mutually  exclusive 

with  the  endpoint  option.  The  interface  is  specified  as  a  UUID. 

if  the  Majorver  is  not  specified,  version  1  of  the  interface  will 
be  sought. 

When  interface  is  specified,  rpcping  will  query  the  endpoint 
mapper  on  the  target  machine  to  retrieve  the  endpoint  for  the 
specified  interface.  The  endpoint  mapper  will  be  queried  using 
the  options  specified  in  the  command  line. 


PARAMETER 


DESCRIPTION 


/o 


Specifies  the  object  UUID  if  the  interface  registered  one. 


/i  <#_iterations>  Specifies  the  number  of  calls  to  make.  The  default  is  1 .  This 

option  is  useful  for  measuring  connection  latency  if  multiple 
iterations  are  specified. 


/u  <security_package_id>  Specifies  the  security  package  (security  provider)  RPC  will  use 

to  make  the  call.  The  security  package  is  identified  as  a 
number  or  a  name.  If  a  number  is  used  it  is  the  same  number 
as  in  the  RpcBindingSetAuthlnfoEx  API.  The  list  below  shows 
the  names  and  numbers.  Names  are  not  case  sensitive: 

-  Negotiate  /  9  or  one  of  nego,  snego  or  negotiate 

-  NTLM/IOor  NTLM 

-  SChannel  /  14  or  SChannel 

-  Kerberos  /  1 6  or  Kerberos 

-  Kernel  /  20  or  Kernel 

if  you  specify  this  option,  you  must  specify  authentication  level 
other  than  none.  There  is  no  default  for  this  option.  If  it  is  not 
specified,  RPC  will  not  use  security  for  the  ping. 


/a  <authn_level>  Specifies  the  authentication  level  to  use.  Possible  values  are: 

-  connect 

-  call 

-  pkt 

-  integrity 

-  privacy 

if  this  option  is  specified,  the  security  package  ID  (/u)  must 
also  be  specified.  There  is  no  default  for  this  option. 

if  this  option  is  not  specified,  RPC  will  not  use  security  for  the 
ping. 


/N  <server_princ_name>  Specifies  a  server  principal  name. 

This  field  can  be  used  only  when  authentication  level  and 
security  package  are  selected. 


/I  <auth_identity>  Allows  you  to  specify  alternative  identity  to  connect  to  the 

server.  The  identity  is  in  the  form  user, domain, password.  If  the 
user  name,  domain,  or  password  have  special  characters  that 
can  be  interpreted  by  the  shell,  enclose  the  identity  in  double 
quotes.  You  can  specify  \*  instead  of  the  password  and  RPC 
will  prompt  you  to  enter  the  password  without  echoing  it  on 
the  screen.  If  this  field  is  not  specified,  the  identity  of  the 
logged  on  user  will  be  used. 

This  field  can  be  used  only  when  authentication  level  and 
security  package  are  selected. 


PARAMETER 


DESCRIPTION 


/c 

Specifies  a  hexadecimal  bitmask  of  flags.  This  field  can  be  used 
only  when  authentication  level  and  security  package  are 
selected. 

/T  <identity_tracking> 

Specifies  static  or  dynamic.  If  not  specified,  dynamic  is  the 
default. 

This  field  can  be  used  only  when  authentication  level  and 
security  package  are  selected. 

/M  <impersonation_type> 

Specifies  anonymous,  identify,  impersonate  or  delegate. 

Default  is  impersonate. 

This  field  can  be  used  only  when  authentication  level  and 
security  package  are  selected. 

/S  <server_sid> 

Specifies  the  expected  SID  of  the  server. 

This  field  can  be  used  only  when  authentication  level  and 
security  package  are  selected. 

/P  <  proxy _auth_identity> 

Specifies  the  identity  to  authenticate  with  to  the  RPC/HTTP 
proxy.  Has  the  same  format  as  for  the  /I  option.  You  must 
specify  security  package  (/u),  authentication  level  (/a),  and 
authentication  schemes  (/H)  in  order  to  use  this  option. 

/F  <RPCHTTP_flags> 

Specifies  the  flags  to  pass  for  RPC/HTTP  front  end 
authentication.  The  flags  may  be  specified  as  numbers  or 
names  The  currently  recognized  flags  are: 

-  Use  SSL  /  1  or  ssl  or  use_ssl 

-  Use  first  auth  scheme  /  2  or  first  or  use_first 

You  must  specify  security  package  (/u)  and  authentication  level 
(/a)  in  order  to  use  this  option. 

/H  <RPC/HTTP_authn_schemes>  Specifies  the  authentication  schemes  to  use  for  RPC/HTTP 

front  end  authentication.  This  option  is  a  list  of  numerical 
values  or  names  separated  by  comma.  Example:  Basic, NTLM. 
Recognized  values  are  (names  are  not  case  sensitive): 

-  Basic  /  1  or  Basic 

-  NTLM  /  2  or  NTLM 

-  Certificate  /  65536  or  Cert 

You  must  specify  security  package  (/u)  and  authentication  level 
(/a)  in  order  to  use  this  option. 


/B  <server_certificate_subject>  Specifies  the  server  certificate  subject.  You  must  use  SSL  for 

this  option  to  work. 

You  must  specify  security  package  (/u)  and  authentication  level 
(/a)  in  order  to  use  this  option. 


PARAMETER 


DESCRIPTION 


/b 

Retrieves  the  server  certificate  subject  from  the  certificate  sent 
by  the  server  and  prints  it  to  a  screen  or  a  log  file.  Valid  only 
when  the  Proxy  echo  only  option  (/E)  and  the  use  SSL  options 
are  specified. 

You  must  specify  security  package  (/u)  and  authentication  level 
(/a)  in  order  to  use  this  option. 

/R 

Specifies  the  HTTP  proxy.  If  none,  the  RPC  proxy  is  used.  The 
value  default  means  to  use  the  IE  settings  in  your  client 
machine.  Any  other  value  will  be  treated  as  the  explicit  HTTP 
proxy.  If  you  do  not  specify  this  flag,  the  default  value  is 
assumed,  that  is,  the  IE  settings  are  checked.  This  flag  is  valid 
only  when  the  /E  (echo  Only)  flag  is  enabled. 

/E 

Restricts  the  ping  to  the  RPC/HTTP  proxy  only.  The  ping  does 
not  reach  the  server.  Useful  when  trying  to  establish  whether 
the  RPC/HTTP  proxy  is  reachable.  To  specify  an  HTTP  proxy, 
use  the  /R  flag.  If  an  HTTP  proxy  is  specified  in  the  /o  flag,  this 
option  will  be  ignored. 

You  must  specify  security  package  (/u)  and  authentication  level 
(/a)  in  order  to  use  this  option. 

/q 

Specifies  quiet  mode.  Does  not  issue  any  prompts  except  for 
passwords.  Assumes  Y  response  to  all  queries.  Use  this  option 
with  care. 

/c 

Use  smart  card  certificate,  rpcping  will  prompt  user  to  choose 
smart  card. 

/A 

Specifies  the  identity  with  which  to  authenticate  to  the  HTTP 
proxy.  Has  the  same  format  as  for  the  /I  option. 

You  must  specify  authentication  schemes  (/U),  security 
package  (/u)  and  authentication  level  (/a)  in  order  to  use  this 
option. 

/u 

Specifies  the  authentication  schemes  to  use  for  HTTP  proxy 
authentication.  This  option  is  a  list  of  numerical  values  or 
names  separated  by  comma.  Example:  Basic, NTLM.  Recognized 
values  are  (names  are  not  case  sensitive): 

-  Basic  /  1  or  Basic 

-  NTLM  /  2  or  NTLM 

You  must  specify  security  package  (/u)  and  authentication  level 
(/a)  in  order  to  use  this  option. 

/r 

if  multiple  iterations  are  specified,  this  option  will  make 
rpcping  display  current  execution  statistics  periodically 
instead  after  the  last  call.  The  report  interval  is  given  in 
seconds.  Default  is  15. 

/v 

Tells  rpcping  how  verbose  to  make  the  output.  Default  value 
is  1 . 2  and  3  provide  more  output  from  rpcping. 

PARAMETER 


DESCRIPTION 


/d  Launches  RPC  network  diagnostic  Ul. 

/p  Specifies  to  prompt  for  credentials  if  authentication  fails. 

/?  Displays  help  at  the  command  prompt. 


Examples 

To  find  out  if  your  Exchange  server  that  you  connect  through  RPC/HTTP  is  accessible,  type: 


rpcping  /t  ncacn_http  /s  exchange_server  /o  RpcProxy=front_end_proxy  /P  "username, domain,*"  /H  Basic  /u  NTLM  /a 
connect  /F  3 


additional  references 

•  Command-Line  Syntax  Key 


rsh 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Runs  commands  on  remote  computers  running  the  RSH  service  or  daemon.  This  command  has  been  deprecated. 
You  can  install  the  Subsystem  for  UNIX-based  Applications  using  the  Add  Features  Wizard.  For  more  information, 
see  Windows  Server  2008  UNIX  Interoperability  Components  at  the  Microsoft  Web  site.  After  installation,  you  can 
then  open  a  C  Shell  or  Korn  Shell  command  window  and  run  rsh.  For  more  information,  type  man  rsh  at  the  C 
Shell  or  Korn  Shell  prompt. 


rundll32 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Loads  and  runs  32-bit  dynamic-link  libraries  (DLLs).  There  are  no  configurable  settings  for  Rundll32.  Help 
information  is  provided  for  a  specific  DLL  you  run  with  the  rundll32  command. 

You  must  run  the  rundll32  command  from  an  elevated  command  prompt.  To  open  an  elevated  command  prompt, 
click  Start,  right-click  Command  Prompt,  and  then  click  Run  as  administrator. 

Syntax 

Rundll32  <DLLname> 


Commands 

PARAMETER  DESCRIPTION 

Rundll32  printui.dll, PrintU  I  Entry  Displays  the  printer  user  interface 

Remarks 

Rundll32  can  only  call  functions  from  a  DLL  that  are  explicitly  written  to  be  called  by  Rundll32.  For  more 
information  about  Rundll32  requirements  see  article  1 64787  in  the  Microsoft  Knowledge  Base 

(https://go.microsoft.com/fwlink/7Linkl  D  =  1 65773). 

Additional  references 

Command-Line  Syntax  Key 


rwinsta 

10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Enables  you  to  reset  (delete)  a  session  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

remarks 

This  command  is  the  same  as  the  reset  session  command. 

additional  references 

reset  session  Command-Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


schtasks 

4/1 3/2018  •  62  min  to  read  •  Edit  Online 


Schedules  commands  and  programs  to  run  periodically  or  at  a  specific  time.  Adds  and  removes  tasks  from  the 

schedule,  starts  and  stops  tasks  on  demand,  and  displays  and  changes  scheduled  tasks. 

To  view  the  command  syntax,  click  one  of  the  following  commands: 

•  schtasks  create 

•  schtasks  change 

•  schtasks  run 

•  schtasks  end 

•  schtasks  delete 

•  schtasks  query 

Remarks 

•  SchTasks.exe  performs  the  same  operations  as  Scheduled  Tasks  in  Control  Panel.  You  can  use  these  tools 
together  and  interchangeably. 

•  Schtasks  replaces  At.exe,  a  tool  included  in  previous  versions  of  Windows.  Although  At.exe  is  still  included  in 
the  Windows  Server  2003  family,  schtasks  is  the  recommended  command-line  task  scheduling  tool. 

•  The  parameters  in  a  schtasks  command  can  appear  in  any  order.  Typing  schtasks  without  any  parameters 
performs  a  query. 

•  Permissions  for  schtasks 

o  You  must  have  permission  to  run  the  command.  Any  user  can  schedule  a  task  on  the  local  computer,  and 
they  can  view  and  change  the  tasks  that  they  scheduled.  Members  of  the  Administrators  group  can 
schedule,  view,  and  change  all  tasks  on  the  local  computer, 
o  To  schedule,  view,  or  change  a  task  on  a  remote  computer,  you  must  be  member  of  the  Administrators 
group  on  the  remote  computer,  or  you  must  use  the  /u  parameter  to  provide  the  credentials  of  an 
Administrator  of  the  remote  computer. 

o  You  can  use  the  /u  parameter  in  a  /create  or  /change  operation  only  when  the  local  and  remote 
computers  are  in  the  same  domain  or  the  local  computer  is  in  a  domain  that  the  remote  computer 
domain  trusts.  Otherwise,  the  remote  computer  cannot  authenticate  the  user  account  specified  and  it 
cannot  verify  that  the  account  is  a  member  of  the  Administrators  group, 
o  The  task  must  have  permission  to  run.  The  permissions  required  vary  with  the  task.  By  default,  tasks  run 
with  the  permissions  of  the  current  user  of  the  local  computer,  or  with  the  permissions  of  the  user 
specified  by  the  /u  parameter,  if  one  is  included.  To  run  a  task  with  permissions  of  a  different  user 
account  or  with  system  permissions,  use  the  /ru  parameter. 

•  To  verify  that  a  scheduled  task  ran  or  to  find  out  why  a  scheduled  task  did  not  run,  see  the  Task  Scheduler 
service  transaction  log,  Sysfemftoof\SchedLgU.txt.  This  log  records  attempted  runs  initiated  by  all  tools  that  use 
the  service,  including  Scheduled  Tasks  and  SchTasks.exe. 

•  On  rare  occasions,  task  files  become  corrupted.  Corrupted  tasks  do  not  run.  When  you  try  to  perform  an 
operation  on  corrupted  tasks,  SchTasks.exe  displays  the  following  error  message: 

ERROR:  The  data  is  invalid. 

You  cannot  recover  corrupted  tasks.  To  restore  the  task  scheduling  features  of  the  system,  use  SchTasks.exe  or 
Scheduled  Tasks  to  delete  the  tasks  from  the  system  and  reschedule  them. 


schtasks  create 

Schedules  a  task. 

Schtasks  uses  different  parameter  combinations  for  each  schedule  type.  To  see  the  combined  syntax  for  creating 
tasks  or  to  see  the  syntax  for  creating  a  task  with  a  particular  schedule  type,  click  one  of  the  following  options. 

•  Combined  syntax  and  parameter  descriptions 

•  To  schedule  a  task  that  runs  every  N  minutes 

•  To  schedule  a  task  that  runs  every  N  hours 

•  To  schedule  a  task  that  runs  every  N  days 

•  To  schedule  a  task  that  runs  every  N  weeks 

•  To  schedule  a  task  that  runs  every  N  months 

•  To  schedule  a  task  that  runs  on  a  specific  day  of  the  week 

•  To  schedule  a  task  that  runs  on  a  specific  week  of  the  month 

•  To  schedule  a  task  that  runs  on  a  specific  date  each  month 

•  To  schedule  a  task  that  runs  on  the  last  day  of  a  month 

•  To  schedule  a  task  that  runs  once 

•  To  schedule  a  task  that  runs  every  time  the  system  starts 

•  To  schedule  a  task  that  runs  when  a  user  logs  on 

•  To  schedule  a  task  that  runs  when  the  system  is  idle 

•  To  schedule  a  task  that  runs  now 

•  To  schedule  a  task  that  runs  with  different  permissions 

•  To  schedule  a  task  that  runs  with  system  permissions 

•  To  schedule  a  task  that  runs  more  than  one  program 

•  To  schedule  a  task  that  runs  on  a  remote  computer 

Combined  syntax  and  parameter  descriptions 
Syntax 

schtasks  /create  /sc  <ScheduleType>  /tn  <TaskName>  /tr  <TaskRun>  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p 
<Password>] ] ]  [/ru  {[<Domain>\]<User>  |  System}]  [/rp  <Password>]  [/mo  <Modifier>]  [/d  <Day>[j<Day>. .  .  ]  |  *] 
[/m  <Month>[ J<Month>. . . ] ]  [/i  <IdleTime>]  [/st  <StartTime>]  [/ri  <Interval>]  [{/et  <EndTime>  |  /du  <Duration>} 
[ /k ] ]  [/sd  <StartDate>]  [/ed  <EndDate>]  [/it]  [/z]  [/f] 

Parameters 

/sc  <ScheduleType> 

Specifies  the  schedule  type.  Valid  values  are  MINUTE,  HOURLY,  DAILY,  WEEKLY,  MONTHLY,  ONCE,  ONSTART, 
ONLOGON,  ONIDLE. 


SCHEDULE  TYPE 

DESCRIPTION 

MINUTE,  HOURLY,  DAILY,  WEEKLY  MONTHLY 

Specifies  the  time  unit  for  the  schedule. 

ONCE 

The  task  runs  once  at  a  specified  date  and  time. 

ONSTART 

The  task  runs  every  time  the  system  starts.  You  can  specify  a 
start  date,  or  run  the  task  the  next  time  the  system  starts. 

ONLOGON 

The  task  runs  whenever  a  user  (any  user)  logs  on.  You  can 
specify  a  date,  or  run  the  task  the  next  time  the  user  logs  on. 

SCHEDULE  TYPE 


DESCRIPTION 


ONIDLE  The  task  runs  whenever  the  system  is  idle  for  a  specified 

period  of  time.  You  can  specify  a  date,  or  run  the  task  the  next 
time  the  system  is  idle. 


/tn  <TaskName> 

Specifies  a  name  for  the  task.  Each  task  on  the  system  must  have  a  unique  name.  The  name  must  conform  to  the 
rules  for  file  names  and  must  not  exceed  238  characters.  Use  quotation  marks  to  enclose  names  that  include 
spaces. 

/tr  <TaskRun> 

Specifies  the  program  or  command  that  the  task  runs.  Type  the  fully  qualified  path  and  file  name  of  an  executable 
file,  script  file,  or  batch  file.  The  path  name  must  not  exceed  262  characters.  If  you  omit  the  path,  schtasks  assumes 
that  the  file  is  in  the  System /?oof\System32  directory. 

/s  <  Com  puter  > 

Schedules  a  task  on  the  specified  remote  computer.  Type  the  name  or  IP  address  of  a  remote  computer  (with  or 
without  backslashes).  The  default  is  the  local  computer.  The  /u  and  /p  parameters  are  valid  only  when  you  use  /s. 

/u  [<  Domain  >] 

Runs  this  command  with  the  permissions  of  the  specified  user  account.  The  default  is  the  permissions  of  the 
current  user  of  the  local  computer.  The  /u  and  /p  parameters  are  valid  only  for  scheduling  a  task  on  a  remote 
computer  (/s). 

The  permissions  of  the  specified  account  are  used  to  schedule  the  task  and  to  run  the  task.  To  run  the  task  with  the 
permissions  of  a  different  user,  use  the  /ru  parameter. 

The  user  account  must  be  a  member  of  the  Administrators  group  on  the  remote  computer.  Also,  the  local  computer 
must  be  in  the  same  domain  as  the  remote  computer,  or  must  be  in  a  domain  that  is  trusted  by  the  remote 
computer  domain. 

/p  <Password> 

Provides  the  password  for  the  user  account  specified  in  the  /u  parameter.  If  you  use  the  /u  parameter,  but  omit  the 
/p  parameter  or  the  password  argument,  schtasks  prompts  you  for  a  password  and  obscures  the  text  you  type. 

The  /u  and  /p  parameters  are  valid  only  for  scheduling  a  task  on  a  remote  computer  (/s). 

/ru  {[<Domain>]  |  System} 

Runs  the  task  with  permissions  of  the  specified  user  account.  By  default,  the  task  runs  with  the  permissions  of  the 
current  user  of  the  local  computer,  or  with  the  permission  of  the  user  specified  by  the  /u  parameter,  if  one  is 
included.  The  /ru  parameter  is  valid  when  scheduling  tasks  on  local  or  remote  computers. 

VALUE  DESCRIPTION 

[<Domain>]  Specifies  an  alternate  user  account. 

System  or ""  Specifies  the  local  System  account,  a  highly  privileged  account 

used  by  the  operating  system  and  system  services. 


/rp  <Password> 

Provides  the  password  for  the  user  account  that  is  specified  in  the  /ru  parameter.  If  you  omit  this  parameter  when 
specifying  a  user  account,  SchTasks.exe  prompts  you  for  the  password  and  obscures  the  text  you  type. 

Do  not  use  the  /rp  parameter  for  tasks  run  with  System  account  credentials  (/ru  System).  The  System  account 
does  not  have  a  password  and  SchTasks.exe  does  not  prompt  for  one. 

/mo  <Modifier> 

Specifies  how  often  the  task  runs  within  its  schedule  type.  This  parameter  is  valid,  but  optional,  for  a  MINUTE, 
HOURLY,  DAILY,  WEEKLY,  and  MONTHLY  schedule.  The  default  value  is  1 . 


SCHEDULE  TYPE 


MODIFIER  VALUES 


DESCRIPTION 


MINUTE 

1  -  1439 

The  task  runs  every  <N>  minutes. 

HOURLY 

1  -  23 

The  task  runs  every  <N>  hours. 

DAILY 

1  -  365 

The  task  runs  every  <N>  days. 

WEEKLY 

1  -  52 

The  task  runs  every  <N>  weeks. 

ONCE 

No  modifiers. 

The  task  runs  once. 

ONSTART 

No  modifiers. 

The  task  runs  at  startup. 

ONLOGON 

No  modifiers. 

The  task  runs  when  the  user  specified 
by  the  /u  parameter  logs  on. 

ONIDLE 

No  modifiers. 

The  task  runs  after  the  system  is  idle  for 
the  number  of  minutes  specified  by  the 
/i  parameter,  which  is  required  for  use 
with  ONIDLE. 

MONTHLY 

1  -  12 

The  task  runs  every  <N>  months. 

MONTHLY 

LASTDAY 

The  task  runs  on  the  last  day  of  the 
month. 

MONTHLY 

FIRST,  SECOND,  THIRD,  FOURTH,  LAST 

Use  with  the  /d<  Day>  parameter  to 
run  a  task  on  a  particular  week  and  day. 
For  example,  on  the  third  Wednesday  of 
the  month. 

/d  Day  [.Day...]  |  * 

Specifies  a  day  (or  days)  of  the  week  or  a  day  (or  days)  of  a  month.  Valid  only  with  a  WEEKLY  or  MONTHLY 


schedule. 

SCHEDULE  TYPE 

MODIFIER 

DAY  VALUES  (/D) 

DESCRIPTION 

WEEKLY 

1  -  52 

MON  -  SUN[,MON  -  SUN...] 

k 

MONTHLY 

FIRST,  SECOND,  THIRD, 
FOURTH,  LAST 

MON  -  SUN 

Required  for  a  specific  week 
schedule. 

MONTHLY 

None  or  (1  -  1 2} 

1  -  31 

Optional  and  valid  only  with 

no  modifier  (/mo)  parameter 
(a  specific  date  schedule)  or 
when  the  /mo  is  1  -  1 2  (an 
"every  <N>  months" 
schedule).  The  default  is  day 
1  (the  first  day  of  the 
month). 


/m  Month  [.Month...] 

Specifies  a  month  or  months  of  the  year  during  which  the  scheduled  task  should  run.  Valid  values  are  JAN  -  DEC 
and  *  (every  month).  The /m  parameter  is  valid  only  with  a  MONTHLY  schedule.  It  is  required  when  the  LASTDAY 
modifier  is  used.  Otherwise,  it  is  optional  and  the  default  value  is  *  (every  month). 


/i  <ldleTime> 

Specifies  how  many  minutes  the  computer  is  idle  before  the  task  starts.  A  valid  value  is  a  whole  number  from  1  to 
999.  This  parameter  is  valid  only  with  an  ON  IDLE  schedule,  and  then  it  is  required. 

/st  <StartTime> 

Specifies  the  time  of  day  that  the  task  starts  (each  time  it  starts)  in  <HH:MM  >  24-hour  format.  The  default  value  is 
the  current  time  on  the  local  computer.  The  /st  parameter  is  valid  with  MINUTE,  HOURLY,  DAILY,  WEEKLY, 
MONTHLY,  and  ONCE  schedules.  It  is  required  for  a  ONCE  schedule. 

/ ri  <lnterval> 

Specifies  the  repetition  interval  in  minutes.  This  is  not  applicable  for  schedule  types:  MINUTE,  HOURLY, 

ONSTART,  ONLOGON,  and  ONIDLE.  Valid  range  is  1  to  599940  minutes  (599940  minutes  =  9999  hours).  If 
either  /ET  or  /DU  is  specified,  then  the  repetition  interval  defaults  to  1 0  minutes. 

/et  <EndTime> 

Specifies  the  time  of  day  that  a  minute  or  hourly  task  schedule  ends  in  <HH:MM>  24-hour  format.  After  the 
specified  end  time,  schtasks  does  not  start  the  task  again  until  the  start  time  recurs.  By  default,  task  schedules  have 
no  end  time.  This  parameter  is  optional  and  valid  only  with  a  MINUTE  or  HOURLY  schedule. 

For  an  example,  see: 

•  "To  schedule  a  task  that  runs  every  1 00  minutes  during  non-business  hours"  in  the  To  schedule  a  task  that 
runs  every  <  N  >  minutes  section. 

/du  <Duration> 

Specifies  a  maximum  length  of  time  for  a  minute  or  hourly  schedule  in  <HHHH:MM>  24-hour  format.  After  the 
specified  time  elapses,  schtasks  does  not  start  the  task  again  until  the  start  time  recurs.  By  default,  task  schedules 
have  no  maximum  duration.  This  parameter  is  optional  and  valid  only  with  a  MINUTE  or  HOURLY  schedule. 

For  an  example,  see: 

•  "To  schedule  a  task  that  runs  every  3  hours  for  1 0  hours"  in  the  To  schedule  a  task  that  runs  every  <  N  > 
hours  section. 


/k 

Stops  the  program  that  the  task  runs  at  the  time  specified  by  /et  or  /du.  Without  /k,  schtasks  does  not  start  the 
program  again  after  it  reaches  the  time  specified  by  /et  or  /du,  but  it  does  not  stop  the  program  if  it  is  still  running. 
This  parameter  is  optional  and  valid  only  with  a  MINUTE  or  HOURLY  schedule. 

For  an  example,  see: 

•  "To  schedule  a  task  that  runs  every  1 00  minutes  during  non-business  hours"  in  the  To  schedule  a  task  that 
runs  every  <  N  >  minutes  section. 

/sd  <StartDate> 

Specifies  the  date  on  which  the  task  schedule  starts.  The  default  value  is  the  current  date  on  the  local  computer.  The 
/sd  parameter  is  valid  and  optional  for  all  schedule  types. 

The  format  for  StartDate  varies  with  the  locale  selected  for  the  local  computer  in  Regional  and  Language 
Options  in  Control  Panel.  Only  one  format  is  valid  for  each  locale. 

The  valid  date  formats  are  listed  in  the  following  table.  Use  the  format  most  similar  to  the  format  selected  for 

Short  date  in  Regional  and  Language  Options  in  Control  Panel  on  the  local  computer. 

VALUE  DESCRIPTION 


<MM>/ 


/  Use  for  month-first  formats,  such  as  English  (United  States) 
and  Spanish  (Panama). 


VALUE 


DESCRIPTION 


<  DD>// 


Use  for  day-first  formats,  such  as  Bulgarian  and  Dutch 
(Netherlands). 


<YYYY>// 


Use  for  year-first  formats,  such  as  Swedish  and  French 
(Canada). 


/ed  <EndDate> 

Specifies  the  date  on  which  the  schedule  ends.  This  parameter  is  optional.  It  is  not  valid  in  a  ONCE,  ONSTART, 
ONLOGON,  or  ONIDLE  schedule.  By  default,  schedules  have  no  ending  date. 

The  format  for  EndDate  varies  with  the  locale  selected  for  the  local  computer  in  Regional  and  Language 
Options  in  Control  Panel.  Only  one  format  is  valid  for  each  locale. 

The  valid  date  formats  are  listed  in  the  following  table.  Use  the  format  most  similar  to  the  format  selected  for 

Short  date  in  Regional  and  Language  Options  in  Control  Panel  on  the  local  computer. 

| - 1 - 1  |<mm>/ 

/|Use  for  month-first  formats,  such  as  English  (United  States)  and  Spanish  (Panama).|  |<DD>//|Use  for  day- 
first  formats,  such  as  Bulgarian  and  Dutch  (Netherlands). |  |<YYYY >// 

|Use  for  year-first  formats,  such  as  Swedish  and  French  (Canada). | 

/it 

Specifies  to  run  the  task  only  when  the  "run  as"  user  (the  user  account  under  which  the  task  runs)  is  logged 
on  to  the  computer.  This  parameter  has  no  effect  on  tasks  that  run  with  system  permissions. 

By  default,  the  "run  as"  user  is  the  current  user  of  the  local  computer  when  the  task  is  scheduled  or  the 
account  specified  by  the  /u  parameter,  if  one  is  used.  However,  if  the  command  includes  the  /ru  parameter, 
then  the  "run  as"  user  is  the  account  specified  by  the  /ru  parameter. 

For  examples,  see: 

•  "To  schedule  a  task  that  runs  every  70  days  if  I  am  logged  on"  in  the  To  schedule  a  task  that  runs  every 
N  days  section. 

•  "To  run  a  task  only  when  a  particular  user  is  logged  on"  in  the  To  schedule  a  task  that  runs  with 
different  permissions  section. 


/z 

Specifies  to  delete  the  task  upon  completion  of  its  schedule. 

/f 

Specifies  to  create  the  task  and  suppress  warnings  if  the  specified  task  already  exists. 

/? 

Displays  help  at  the  command  prompt. 

To  schedule  a  task  that  runs  every  N  minutes 

Minute  Schedule  Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  minute  [/mo  {1  -  1439}]  [/st  <HH:MM>]  [/sd  <StartDate>] 
[/ed  <EndDate>]  [{/et  <HH:MM>  |  /du  <HHHH:MM>}  [ /k ] ]  [/it]  [/ru  { [<Domain>\] <User>  [/rp  <Password>]  | 
System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

In  a  minute  schedule,  the  /sc  minute  parameter  is  required.  The  /mo  (modifier)  parameter  is  optional  and 
specifies  the  number  of  minutes  between  each  run  of  the  task.  The  default  value  for  /mo  is  1  (every  minute). 
The  /et  (end  time)  and  /du  (duration)  parameters  are  optional  and  can  be  used  with  or  without  the  /k  (end 


task)  parameter. 

Examples 

To  schedule  a  task  that  runs  every  20  minutes 

The  following  command  schedules  a  security  script,  Sec.vbs,  to  run  every  20  minutes.  The  command  uses  the 
/sc  parameter  to  specify  a  minute  schedule  and  the  /mo  parameter  to  specify  an  interval  of  20  minutes. 

Because  the  command  does  not  include  a  starting  date  or  time,  the  task  starts  20  minutes  after  the  command 
completes,  and  runs  every  20  minutes  thereafter  whenever  the  system  is  running.  Notice  that  the  security 
script  source  file  is  located  on  a  remote  computer,  but  that  the  task  is  scheduled  and  executes  on  the  local 
computer. 

schtasks  /create  /sc  minute  /mo  20  /tn  "Security  Script"  /tr  \\central\data\scripts\sec.vbs 

To  schedule  a  task  that  runs  every  100  minutes  during  non-business  hours 

The  following  command  schedules  a  security  script,  Sec.vbs,  to  run  on  the  local  computer  every  1 00  minutes 
between  5:00  P.M.  and  7:59  A.M.  each  day.  The  command  uses  the  /sc  parameter  to  specify  a  minute 
schedule  and  the  /mo  parameter  to  specify  an  interval  of  1 00  minutes.  It  uses  the  /st  and  /et  parameters  to 
specify  the  start  time  and  end  time  of  each  day's  schedule.  It  also  uses  the  /k  parameter  to  stop  the  script  if  it 
is  still  running  at  7:59  A.M.  Without /k,  schtasks  would  not  start  the  script  after  7:59  A.M.,  but  if  the  instance 
started  at  6:20  A.M.  was  still  running,  it  would  not  stop  it. 

schtasks  /create  /tn  "Security  Script"  /tr  sec.vbs  /sc  minute  /mo  100  /st  17:00  /et  08:00  /k 

To  schedule  a  task  that  runs  every  N  hours 

Hourly  Schedule  Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  hourly  [/mo  {1  -  23}]  [/st  <HH:MM>]  [/sd  <StartDate>] 
[/ed  <EndDate>]  [{/et  <HH:MM>  |  /du  <HHHH:MM>}  [ /k ] ]  [/it]  [/ru  { [<Domain>\] <User>  [/rp  <Password>]  | 
System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [ /p  <Password>] ] ] 

Remarks 

In  an  hourly  schedule,  the  /sc  hourly  parameter  is  required.  The  /mo  (modifier)  parameter  is  optional  and 
specifies  the  number  of  hours  between  each  run  of  the  task.  The  default  value  for  /mo  is  1  (every  hour).  The 
/k  (end  task)  parameter  is  optional  and  can  be  used  with  either  /et  (end  at  the  specified  time)  or  /du  (end 
after  the  specified  interval). 

Examples 

To  schedule  a  task  that  runs  every  five  hours 

The  following  command  schedules  the  MyApp  program  to  run  every  five  hours  beginning  on  the  first  day  of 
March  2002.  It  uses  the  /mo  parameter  to  specify  the  interval  and  the  /sd  parameter  to  specify  the  start  date. 
Because  the  command  does  not  specify  a  start  time,  the  current  time  is  used  as  the  start  time. 

Because  the  local  computer  is  set  to  use  the  English  (Zimbabwe)  option  in  Regional  and  Language 
Options  in  Control  Panel,  the  format  for  the  start  date  is  MM/DD/YYYY  (03/01/2002). 

schtasks  /create  /sc  hourly  /mo  5  /sd  03/01/2002  /tn  "My  App"  /tr  c:\apps\myapp.exe 

To  schedule  a  task  that  runs  every  hour  at  five  minutes  past  the  hour 

The  following  command  schedules  the  MyApp  program  to  run  hourly  beginning  at  five  minutes  past 
midnight.  Because  the  /mo  parameter  is  omitted,  the  command  uses  the  default  value  for  the  hourly 
schedule,  which  is  every  (1)  hour.  If  this  command  runs  after  1 2:05  A.M.,  the  program  does  not  run  until  the 
next  day. 


schtasks  /create  /sc  hourly  /st  00:05  /tn  "My  App"  /tr  c:\apps\myapp.exe 

To  schedule  a  task  that  runs  every  3  hours  for  10  hours 

The  following  command  schedules  the  MyApp  program  to  run  every  3  hours  for  1 0  hours. 

The  command  uses  the  /sc  parameter  to  specify  an  hourly  schedule  and  the  /mo  parameter  to  specify  the 
interval  of  3  hours.  It  uses  the  /st  parameter  to  start  the  schedule  at  midnight  and  the  /du  parameter  to  end 
the  recurrences  after  1 0  hours.  Because  the  program  runs  for  just  a  few  minutes,  the  /k  parameter,  which 
stops  the  program  if  it  is  still  running  when  the  duration  expires,  is  not  necessary. 

schtasks  /create  /tn  "My  App"  /tr  myapp.exe  /sc  hourly  /mo  3  /st  00:00  /du  0010:00 

In  this  example,  the  task  runs  at  1 2:00  A.M.,  3:00  A.M.,  6:00  A.M.,  and  9:00  A.M.  Because  the  duration  is  10 
hours,  the  task  is  not  run  again  at  1 2:00  P.M.  Instead,  it  starts  again  at  1 2:00  A.M.  the  next  day. 

To  schedule  a  task  that  runs  every  N  days 

Daily  Schedule  Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  dally  [/mo  {1  -  365}]  [/st  <HH:MM>]  [/sd  <StartDate>] 
[/ed  <EndDate>]  [/it]  [/ru  {[<Domain>\]<User>  [/r p  <Password>]  |  System}]  [/s  <Computer>  [/u  [<Domain>\] 
<User>  [/p  <Password>] ] ] 

Remarks 

In  a  daily  schedule,  the  /sc  daily  parameter  is  required.  The  /mo  (modifier)  parameter  is  optional  and 
specifies  the  number  of  days  between  each  run  of  the  task.  The  default  value  for  /mo  is  1  (every  day). 

Examples 

To  schedule  a  task  that  runs  every  day 

The  following  example  schedules  the  MyApp  program  to  run  once  a  day,  every  day,  at  8:00  A.M.  until 
December  31,  2002.  Because  it  omits  the  /mo  parameter,  the  default  interval  of  1  is  used  to  run  the 
command  every  day. 

In  this  example,  because  the  local  computer  system  is  set  to  the  English  (United  Kingdom)  option  in 
Regional  and  Language  Options  in  Control  Panel,  the  format  for  the  end  date  is  DD/MM/YYYY 
(31/12/2002) 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  dally  /st  08:00  /ed  31/12/2002 

To  schedule  a  task  that  runs  every  12  days 

The  following  example  schedules  the  MyApp  program  to  run  every  twelve  days  at  1 :00  P.M.  (1 3:00) 
beginning  on  December  31,  2002.  The  command  uses  the /mo  parameter  to  specify  an  interval  of  two  (2) 
days  and  the  /sd  and  /st  parameters  to  specify  the  date  and  time. 

In  this  example,  because  the  system  is  set  to  the  English  (Zimbabwe)  option  in  Regional  and  Language 
Options  in  Control  Panel,  the  format  for  the  end  date  is  MM/DD/YYYY  (1 2/31/2002) 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  dally  /mo  12  /sd  12/31/2002  /st  13:00 

To  schedule  a  task  that  runs  every  70  days  if  I  am  logged  on 

The  following  command  schedules  a  security  script,  Sec.vbs,  to  run  every  70  days.  The  command  uses  the 
/mo  parameter  to  specify  an  interval  of  70  days.  It  also  uses  the  /it  parameter  to  specify  that  the  task  runs 
only  when  the  user  under  whose  account  the  task  runs  is  logged  onto  the  computer.  Because  the  task  will  run 
with  the  permissions  of  my  user  account,  then  the  task  will  run  only  when  I  am  logged  on. 


schtasks  /create  /tn  "Security  Script"  /tr  sec.vbs  /sc  daily  /mo  70  /it 


NOTE 

To  identify  tasks  with  the  interactive-only  (/it)  property,  use  a  verbose  query  (/query  /v).  In  a  verbose  query  display  of 
a  task  with  /it,  the  Logon  Mode  field  has  a  value  of  Interactive  only. 


To  schedule  a  task  that  runs  every  N  weeks 

Weekly  Schedule  Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  weekly  [/mo  {1  -  52}]  [/d  {<MON  -  SUN>[,MON  -  SUN...]  | 
*}]  [/st  <HH:MM>]  [/sd  <StartDate>]  [/ed  <EndDate>]  [/it]  [/ru  { [<Domain>\]<User>  [/rp  <Password>]  | 
System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

In  a  weekly  schedule,  the  /sc  weekly  parameter  is  required.  The  /mo  (modifier)  parameter  is  optional  and 
specifies  the  number  of  weeks  between  each  run  of  the  task.  The  default  value  for  /mo  is  1  (every  week). 

Weekly  schedules  also  have  an  optional  /d  parameter  to  schedule  the  task  to  run  on  specified  days  of  the 
week,  or  on  all  days  0.  The  default  is  MON  (Monday).  The  every  day  0  option  is  equivalent  to  scheduling  a 
daily  task. 

Examples 

To  schedule  a  task  that  runs  every  six  weeks 

The  following  command  schedules  the  MyApp  program  to  run  on  a  remote  computer  every  six  weeks.  The 
command  uses  the  /mo  parameter  to  specify  the  interval.  Because  the  command  omits  the  /d  parameter,  the 
task  runs  on  Mondays. 

This  command  also  uses  the  /s  parameter  to  specify  the  remote  computer  and  the  /u  parameter  to  run  the 
command  with  the  permissions  of  the  user's  Administrator  account.  Because  the  /p  parameter  is  omitted, 
SchTasks.exe  prompts  the  user  for  the  Administrator  account  password. 

Also,  because  the  command  is  run  remotely,  all  paths  in  the  command,  including  the  path  to  MyApp.exe,  refer 
to  paths  on  the  remote  computer. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  weekly  /mo  6  /s  Serverl6  /u  Admin01 

To  schedule  a  task  that  runs  every  other  week  on  Friday 

The  following  command  schedules  a  task  to  run  every  other  Friday.  It  uses  the  /mo  parameter  to  specify  the 
two-week  interval  and  the  /d  parameter  to  specify  the  day  of  the  week.  To  schedule  a  task  that  runs  every 
Friday,  omit  the  /mo  parameter  or  set  it  to  1 . 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  weekly  /mo  2  /d  FRI 


To  schedule  a  task  that  runs  every  N  months 

Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  monthly  [/mo  {1  -  12}]  [/d  {1  -  31}]  [/st  <HH:MM>]  [/sd 
<StartDate>]  [/ed  <EndDate>]  [/it]  [/ru  {[<Domain>\]<User>  [/rp  <Password>]  |  System}]  [/s  <Computer>  [/u 
[<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

In  this  schedule  type,  the  /sc  monthly  parameter  is  required.  The  /mo  (modifier)  parameter,  which  specifies 


the  number  of  months  between  each  run  of  the  task,  is  optional  and  the  default  is  1  (every  month).  This 
schedule  type  also  has  an  optional  /d  parameter  to  schedule  the  task  to  run  on  a  specified  date  of  the  month. 
The  default  is  1  (the  first  day  of  the  month). 

Examples 

To  schedule  a  task  that  runs  on  the  first  day  of  every  month 

The  following  command  schedules  the  MyApp  program  to  run  on  the  first  day  of  every  month.  Because  a 
value  of  1  is  the  default  for  both  the  /mo  (modifier)  parameter  and  the  /d  (day)  parameter,  these  parameters 
are  omitted  from  the  command. 

schtasks  /create  /tn  "My  App"  /tr  myapp.exe  /sc  monthly 

To  schedule  a  task  that  runs  every  three  months 

The  following  command  schedules  the  MyApp  program  to  run  every  three  months.  It  uses  the  /mo 
parameter  to  specify  the  interval. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /mo  3 

To  schedule  a  task  that  runs  at  midnight  on  the  21st  day  of  every  other  month 

The  following  command  schedules  the  MyApp  program  to  run  every  other  month  on  the  21  st  day  of  the 
month  at  midnight.  The  command  specifies  that  this  task  should  run  for  one  year,  from  July  2,  2002  to  June 
30,2003. 

The  command  uses  the  /mo  parameter  to  specify  the  monthly  interval  (every  two  months),  the  /d  parameter 
to  specify  the  date,  and  the  /st  to  specify  the  time.  It  also  uses  the  /sd  and  /ed  parameters  to  specify  the  start 
date  and  end  date,  respectively.  Because  the  local  computer  is  set  to  the  English  (South  Africa)  option  in 
Regional  and  Language  Options  in  Control  Panel,  the  dates  are  specified  in  the  local  format, 
YYYY/MM/DD. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /mo  2  /d  21  /st  00:00  /sd  2002/07/01  /ed 
2003/06/30 


To  schedule  a  task  that  runs  on  a  specific  day  of  the  week 

Weekly  Schedule  Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  weekly  [/d  {<M0N  -  SUN>[,M0N  -  SUN...]  |  *}]  [/mo  {1  - 
52}]  [/st  <HH:MM>]  [/sd  <StartDate>]  [/ed  <EndDate>]  [/it]  [/ru  {[<Domain>\]<User>  [/rp  <Password>]  | 
System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

The  "day  of  the  week"  schedule  is  a  variation  of  the  weekly  schedule.  In  a  weekly  schedule,  the  /sc  weekly 
parameter  is  required.  The  /mo  (modifier)  parameter  is  optional  and  specifies  the  number  of  weeks  between 
each  run  of  the  task.  The  default  value  for  /mo  is  1  (every  week).  The  /d  parameter,  which  is  optional, 
schedules  the  task  to  run  on  specified  days  of  the  week,  or  on  all  days  (J.  The  default  is  MON  (Monday).  The 
every  day  option  (*/d  ***)  is  equivalent  to  scheduling  a  daily  task. 

Examples 

To  schedule  a  task  that  runs  every  Wednesday 

The  following  command  schedules  the  MyApp  program  to  run  every  week  on  Wednesday.  The  command 
uses  the  /d  parameter  to  specify  the  day  of  the  week.  Because  the  command  omits  the  /mo  parameter,  the 
task  runs  every  week. 


schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  weekly  /d  WED 

To  schedule  a  task  that  runs  every  eight  weeks  on  Monday  and  Friday 

The  following  command  schedules  a  task  to  run  on  Monday  and  Friday  of  every  eighth  week.  It  uses  the  /d 
parameter  to  specify  the  days  and  the  /mo  parameter  to  specify  the  eight-week  interval. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  weekly  /mo  8  /d  MON,FRI 

To  schedule  a  task  that  runs  on  a  specific  week  of  the  month 

Specific  Week  Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  monthly  /mo  {FIRST  |  SECOND  |  THIRD  |  FOURTH  |  LAST}  /d 
MON  -  SUN  [/m  {TAN  -  DEC[,TAN  -  DEC...]  |  *}]  [/st  <HH:MM>]  [/sd  <StartDate>]  [/ed  <EndDate>]  [/it]  [/ru 
{[<Domain>\]<User>  [/rp  <Password>]  |  System}]  [ / s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

In  this  schedule  type,  the  /sc  monthly  parameter,  the  /mo  (modifier)  parameter,  and  the  /d  (day)  parameter 
are  required.  The  /mo  (modifier)  parameter  specifies  the  week  on  which  the  task  runs.  The  /d  parameter 
specifies  the  day  of  the  week.  (You  can  specify  only  one  day  of  the  week  for  this  schedule  type.)  This  schedule 
also  has  an  optional  /m  (month)  parameter  that  lets  you  schedule  the  task  for  particular  months  or  every 
month  0.  The  default  for  the  **/m *  parameter  is  every  month  (*). 

Examples 

To  schedule  a  task  for  the  second  Sunday  of  every  month 

The  following  command  schedules  the  MyApp  program  to  run  on  the  second  Sunday  of  every  month.  It  uses 
the  /mo  parameter  to  specify  the  second  week  of  the  month  and  the  /d  parameter  to  specify  the  day. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /mo  SECOND  /d  SUN 

To  schedule  a  task  for  the  first  Monday  in  March  and  September 

The  following  command  schedules  the  MyApp  program  to  run  on  the  first  Monday  in  March  and  September. 
It  uses  the  /mo  parameter  to  specify  the  first  week  of  the  month  and  the  /d  parameter  to  specify  the  day.  It 
uses  /m  parameter  to  specify  the  month,  separating  the  month  arguments  with  a  comma. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /mo  FIRST  /d  MON  /m  MARjSEP 

To  schedule  a  task  that  runs  on  a  specific  date  each  month 

Specific  date  syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  monthly  /d  {1  -  31}  [/m  {TAN  -  DEC[,TAN  -  DEC...]  |  *}] 
[/st  <HH:MM>]  [/sd  <StartDate>]  [/ed  <EndDate>]  [/It]  [/ru  { [<Domain>\]<User>  [/rp  <Password>]  |  System}] 
[/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

In  the  specific  date  schedule  type,  the  /sc  monthly  parameter  and  the  /d  (day)  parameter  are  required.  The 
/d  parameter  specifies  a  date  of  the  month  (1  -  31),  not  a  day  of  the  week.  You  can  specify  only  one  day  in  the 
schedule.  The  /mo  (modifier)  parameter  is  not  valid  with  this  schedule  type. 

The  /m  (month)  parameter  is  optional  for  this  schedule  type  and  the  default  is  every  month  0.  **Schtasks * 
does  not  let  you  schedule  a  task  for  a  date  that  does  not  occur  in  a  month  specified  by  the  /m  parameter. 
However,  if  omit  the  /m  parameter,  and  schedule  a  task  for  a  date  that  does  not  appear  in  every  month,  such 
as  the  31  st  day,  then  the  task  does  not  run  in  the  shorter  months.  To  schedule  a  task  for  the  last  day  of  the 


month,  use  the  last  day  schedule  type. 


Examples 

To  schedule  a  task  for  the  first  day  of  every  month 

The  following  command  schedules  the  MyApp  program  to  run  on  the  first  day  of  every  month.  Because  the 
default  modifier  is  none  (no  modifier),  the  default  day  is  day  1 ,  and  the  default  month  is  every  month,  the 
command  does  not  need  any  additional  parameters. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly 

To  schedule  a  task  for  the  15th  days  of  May  and  June 

The  following  command  schedules  the  MyApp  program  to  run  on  May  1 5  and  June  1 5  at  3:00  P.M.  (1 5:00).  It 
uses  the  /m  parameter  to  specify  the  date  and  the  /m  parameter  to  specify  the  months.  It  also  uses  the  /st 
parameter  to  specify  the  start  time. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /d  15  /m  MAYjJUN  /st  15:00 


To  schedule  a  task  that  runs  on  the  last  day  of  a  month 

Last  day  syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  monthly  /mo  LASTDAY  /m  {IAN  -  DEC[,JAN  -  DEC...]  |  *} 
[/st  <HH:MM>]  [/sd  <StartDate>]  [/ed  <EndDate>]  [/It]  [/ru  { [<Domain>\]<User>  [/rp  <Password>]  |  System}] 
[/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

In  the  last  day  schedule  type,  the  /sc  monthly  parameter,  the  /mo  LASTDAY  (modifier)  parameter,  and  the 
/m  (month)  parameter  are  required.  The  /d  (day)  parameter  is  not  valid. 

Examples 

To  schedule  a  task  for  the  last  day  of  every  month 

The  following  command  schedules  the  MyApp  program  to  run  on  the  last  day  of  every  month.  It  uses  the 
/mo  parameter  to  specify  the  last  day  and  the  /m  parameter  with  the  wildcard  character  (*)  to  indicate  that 
the  program  runs  every  month. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /mo  lastday  /m  * 

To  schedule  a  task  at  6:00  RM.  on  the  last  days  of  February  and  March 

The  following  command  schedules  the  MyApp  program  to  run  on  the  last  day  of  February  and  the  last  day  of 
March  at  6:00  P.M.  It  uses  the  /mo  parameter  to  specify  the  last  day,  the  /m  parameter  to  specify  the  months, 
and  the  /st  parameter  to  specify  the  start  time. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /mo  lastday  /m  FEBjMAR  /st  18:00 


To  schedule  a  task  that  runs  once 

Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  once  /st  <HH:MM>  [/sd  <StartDate>]  [/it]  [/ru 
{[<Domain>\]<User>  [/rp  <Password>]  |  System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>]  ]  ] 

Remarks 

In  the  run-once  schedule  type,  the  /sc  once  parameter  is  required.  The  /st  parameter,  which  specifies  the 
time  that  the  task  runs,  is  required.  The  /sd  parameter,  which  specifies  the  date  that  the  task  runs,  is  optional. 


The  /mo  (modifier)  and  /ed  (end  date)  parameters  are  not  valid  for  this  schedule  type. 

Schtasks  does  not  permit  you  to  schedule  a  task  to  run  once  if  the  date  and  time  specified  are  in  the  past, 
based  on  the  time  of  the  local  computer.  To  schedule  a  task  that  runs  once  on  a  remote  computer  in  a 
different  time  zone,  you  must  schedule  it  before  that  date  and  time  occurs  on  the  local  computer. 

Examples 

To  schedule  a  task  that  runs  one  time 

The  following  command  schedules  the  MyApp  program  to  run  at  midnight  on  January  1,  2003.  It  uses  the 
/sc  parameter  to  specify  the  schedule  type  and  the  /sd  and  st  to  specify  the  date  and  time. 

Because  the  local  computer  uses  the  English  (United  States)  option  in  Regional  and  Language  Options 

in  Control  Panel,  the  format  for  the  start  date  is  MM/DD/YYYY. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  once  /sd  01/01/2003  /st  00:00 

To  schedule  a  task  that  runs  every  time  the  system  starts 
Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  onstart  [/sd  <StartDate>]  [/it]  [/ru  {[<Domain>\]<User> 
[/rp  <Password>]  |  System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

In  the  on-start  schedule  type,  the  /sc  onstart  parameter  is  required.  The  /sd  (start  date)  parameter  is 
optional  and  the  default  is  the  current  date. 

Examples 

To  schedule  a  task  that  runs  when  the  system  starts 

The  following  command  schedules  the  MyApp  program  to  run  every  time  the  system  starts,  beginning  on 
March  15,2001: 

Because  the  local  computer  is  uses  the  English  (United  States)  option  in  Regional  and  Language 

Options  in  Control  Panel,  the  format  for  the  start  date  is  MM/DD/YYYY. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  onstart  /sd  03/15/2001 

To  schedule  a  task  that  runs  when  a  user  logs  on 

Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  onlogon  [/sd  <StartDate>]  [/it]  [/ru  {[<Domain>\]<User> 
[/rp  <Password>]  |  System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

The  "on  logon"  schedule  type  schedules  a  task  that  runs  whenever  any  user  logs  on  to  the  computer.  In  the 
"on  logon"  schedule  type,  the  /sc  onlogon  parameter  is  required.  The  /sd  (start  date)  parameter  is  optional 
and  the  default  is  the  current  date. 

Examples 

To  schedule  a  task  that  runs  when  a  user  logs  on  to  a  remote  computer 

The  following  command  schedules  a  batch  file  to  run  every  time  a  user  (any  user)  logs  on  to  the  remote 
computer.  It  uses  the  /s  parameter  to  specify  the  remote  computer.  Because  the  command  is  remote,  all  paths 
in  the  command,  including  the  path  to  the  batch  file,  refer  to  a  path  on  the  remote  computer. 

schtasks  /create  /tn  "Start  Web  Site"  /tr  c:\myiis\webstart.bat  /sc  onlogon  /s  Server23 


To  schedule  a  task  that  runs  when  the  system  is  idle 

Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  onidle  /i  {1  -  999}  [/sd  <StartDate>]  [/it]  [/ru 
{[<Domain>\]<User>  [/rp  <Password>]  |  System}]  [ / s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Remarks 

The  "on  idle"  schedule  type  schedules  a  task  that  runs  whenever  there  is  no  user  activity  during  the  time 
specified  by  the  /i  parameter.  In  the  "on  idle"  schedule  type,  the  /sc  onidle  parameter  and  the  /i  parameter 
are  required.  The  /sd  (start  date)  is  optional  and  the  default  is  the  current  date. 

Examples 

To  schedule  a  task  that  runs  whenever  the  computer  is  idle 

The  following  command  schedules  the  MyApp  program  to  run  whenever  the  computer  is  idle.  It  uses  the 
required  /i  parameter  to  specify  that  the  computer  must  remain  idle  for  ten  minutes  before  the  task  starts. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  onidle  /i  10 


To  schedule  a  task  that  runs  now 

Schtasks  does  not  have  a  "run  now"  option,  but  you  can  simulate  that  option  by  creating  a  task  that  runs 
once  and  starts  in  a  few  minutes. 

Syntax 

schtasks  /create  /tn  <TaskName>  /tr  <TaskRun>  /sc  once  [/st  <HH:MM>]  /sd  <MM/DD/YYYY>  [/it]  [/ru 
{[<Domain>\]<User>  [/rp  <Password>]  |  System}]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ]  ] 

Examples 

To  schedule  a  task  that  runs  a  few  minutes  from  now. 

The  following  command  schedules  a  task  to  run  once,  on  November  1 3,  2002  at  2:1 8  P.M.  local  time. 

Because  the  local  computer  is  uses  the  English  (United  States)  option  in  Regional  and  Language 

Options  in  Control  Panel,  the  format  for  the  start  date  is  MM/DD/YYYY. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  once  /st  14:18  /sd  11/13/2002 


To  schedule  a  task  that  runs  with  different  permissions 

You  can  schedule  tasks  of  all  types  to  run  with  permissions  of  an  alternate  account  on  both  the  local  and  a 
remote  computer.  In  addition  to  the  parameters  required  for  the  particular  schedule  type,  the  /ru  parameter 
is  required  and  the  /rp  parameter  is  optional. 

Examples 

To  run  a  task  with  Administrator  permissions  on  the  local  computer 

The  following  command  schedules  the  MyApp  program  to  run  on  the  local  computer.  It  uses  the  /ru  to 
specify  that  the  task  should  run  with  the  permissions  of  the  user's  Administrator  account  (Admin06).  In  this 
example,  the  task  is  scheduled  to  run  every  Tuesday,  but  you  can  use  any  schedule  type  for  a  task  run  with 
alternate  permissions. 

schtasks  /create  /tn  "My  App"  /tr  myapp.exe  /sc  weekly  /d  TUE  /ru  Admin06 

In  response,  SchTasks.exe  prompts  for  the  "run  as"  password  for  the  Admin06  account  and  then  displays  a 
success  message. 


Please  enter  the  run  as  password  for  Admin06:  ******** 

SUCCESS:  The  scheduled  task  "My  App"  has  successfully  been  created. 

To  run  a  task  with  alternate  permissions  on  a  remote  computer 

The  following  command  schedules  the  MyApp  program  to  run  on  the  Marketing  computer  every  four  days. 

The  command  uses  the  /sc  parameter  to  specify  a  daily  schedule  and  /mo  parameter  to  specify  an  interval  of 
four  days. 

The  command  uses  the  /s  parameter  to  provide  the  name  of  the  remote  computer  and  the/u  parameter  to 
specify  an  account  with  permission  to  schedule  a  task  on  the  remote  computer  (AdminOI  on  the  Marketing 
computer).  It  also  uses  the  /ru  parameter  to  specify  that  the  task  should  run  with  the  permissions  of  the 
user's  non-Administrator  account  (UserOI  in  the  Reskits  domain).  Without  the  /ru  parameter,  the  task  would 
run  with  the  permissions  of  the  account  specified  by  /u. 

schtasks  /create  /tn  "My  App"  /tr  myapp.exe  /sc  dally  /mo  4  /s  Marketing  /u  Marketing\Admin01  /ru 
Reskits\User01 

Schtasks  first  requests  the  password  of  the  user  named  by  the  /u  parameter  (to  run  the  command)  and  then 
requests  the  password  of  the  user  named  by  the  /ru  parameter  (to  run  the  task).  After  authenticating  the 
passwords,  schtasks  displays  a  message  indicating  that  the  task  is  scheduled. 

Type  the  password  for  Marketing\Admin01:******** 

Please  enter  the  run  as  password  for  Reskits\User01:  ******** 

SUCCESS:  The  scheduled  task  "My  App"  has  successfully  been  created. 

To  run  a  task  only  when  a  particular  user  is  logged  on 

The  following  command  schedules  the  AdminCheck.exe  program  to  run  on  the  Public  computer  every  Friday 
at  4:00  A.M.,  but  only  if  the  administrator  of  the  computer  is  logged  on. 

The  command  uses  the  /sc  parameter  to  specify  a  weekly  schedule,  the  /d  parameter  to  specify  the  day,  and 
the  /st  parameter  to  specify  the  start  time. 

The  command  uses  the /s  parameter  to  provide  the  name  of  the  remote  computer  and  the/u  parameter  to 
specify  an  account  with  permission  to  schedule  a  task  on  the  remote  computer.  It  also  uses  the  /ru  parameter 
to  configure  the  task  to  run  with  the  permissions  of  the  administrator  of  the  Public  computer 
(Public\Admin01)  and  the  /it  parameter  to  indicate  that  the  task  runs  only  when  the  Public\Admin01  account 
is  logged  on. 

schtasks  /create  /tn  "Check  Admin"  /tr  AdminCheck.exe  /sc  weekly  /d  FRI  /st  04:00  /s  Public  /u 
Domain3\Admin06  /ru  Public\Admin01  /it 

Note 

•  To  identify  tasks  with  the  interactive-only  (/it)  property,  use  a  verbose  query  (/query  /v).  In  a  verbose 
query  display  of  a  task  with  /it,  the  Logon  Mode  field  has  a  value  of  Interactive  only. 

To  schedule  a  task  that  runs  with  system  permissions 

Tasks  of  all  types  can  run  with  permissions  of  the  System  account  on  both  the  local  and  a  remote  computer. 

In  addition  to  the  parameters  required  for  the  particular  schedule  type,  the/ru  system  (or  /ru  "")  parameter 
is  required  and  the  /rp  parameter  is  not  valid. 


Important 


•  The  System  account  does  not  have  interactive  logon  rights.  Users  cannot  see  or  interact  with  programs  or 
tasks  run  with  system  permissions. 

•  The  /ru  parameter  determines  the  permissions  under  which  the  task  runs,  not  the  permissions  used  to 
schedule  the  task.  Only  Administrators  can  schedule  tasks,  regardless  of  the  value  of  the  /ru  parameter. 

Note 

To  identify  tasks  that  run  with  system  permissions,  use  a  verbose  query  (/query  /v).  In  a  verbose  query 
display  of  a  system-run  task,  the  Run  As  User  field  has  a  value  of  NT  AUTHORITY\SYSTEM  and  the 
Logon  Mode  field  has  a  value  of  Background  only. 

Examples 

To  run  a  task  with  system  permissions 

The  following  command  schedules  the  MyApp  program  to  run  on  the  local  computer  with  permissions  of  the 
System  account.  In  this  example,  the  task  is  scheduled  to  run  on  the  fifteenth  day  of  every  month,  but  you  can 
use  any  schedule  type  for  a  task  run  with  system  permissions. 

The  command  uses  the  /ru  System  parameter  to  specify  the  system  security  context.  Because  system  tasks 
do  not  use  a  password,  the  /rp  parameter  is  omitted. 

schtasks  /create  /tn  "My  App"  /tr  c:\apps\myapp.exe  /sc  monthly  /d  15  /ru  System 

In  response,  SchTasks.exe  displays  an  informational  message  and  a  success  message.  It  does  not  prompt  for 
a  password. 

INFO:  The  task  will  be  created  under  user  name  ("NT  AUTHORITY\SYSTEM") . 

SUCCESS:  The  Scheduled  task  "My  App"  has  successfully  been  created. 

To  run  a  task  with  system  permissions  on  a  remote  computer 

The  following  command  schedules  the  MyApp  program  to  run  on  the  FinanceOI  computer  every  morning  at 
4:00  A. M.  with  system  permissions. 

The  command  uses  the  /tn  parameter  to  name  the  task  and  the  /tr  parameter  to  specify  the  remote  copy  of 
the  MyApp  program.  It  uses  the  /sc  parameter  to  specify  a  daily  schedule,  but  omits  the  /mo  parameter 
because  1  (every  day)  is  the  default.  It  uses  the  /st  parameter  to  specify  the  start  time,  which  is  also  the  time 
the  task  will  run  each  day. 

The  command  uses  the  /s  parameter  to  provide  the  name  of  the  remote  computer  and  the/u  parameter  to 
specify  an  account  with  permission  to  schedule  a  task  on  the  remote  computer.  It  also  uses  the  /ru  parameter 
to  specify  that  the  task  should  run  under  the  System  account.  Without  the  /ru  parameter,  the  task  would  run 
with  the  permissions  of  the  account  specified  by  /u. 

schtasks  /create  /tn  "My  App"  /tr  myapp.exe  /sc  dally  /st  04:00  /s  Finance01  /u  Admin01  /ru  System 

Schtasks  requests  the  password  of  the  user  named  by  the  /u  parameter  and,  after  authenticating  the 
password,  displays  a  message  indicating  that  the  task  is  created  and  that  it  will  run  with  permissions  of  the 
System  account. 

Type  the  password  for  Admin01:********** 

INFO:  The  Schedule  Task  "My  App"  will  be  created  under  user  name  ("NT  AUTHORITY\ 

SYSTEM"). 

SUCCESS:  The  scheduled  task  "My  App"  has  successfully  been  created. 


To  schedule  a  task  that  runs  more  than  one  program 

Each  task  runs  only  one  program.  However,  you  can  create  a  batch  file  that  runs  multiple  programs  and  then 
schedule  a  task  to  run  the  batch  file.  The  following  procedure  demonstrates  this  method: 

1 .  Create  a  batch  file  that  starts  the  programs  you  want  to  run. 

In  this  example,  you  create  a  batch  file  that  starts  Event  Viewer  (Eventvwr.exe)  and  System  Monitor 
(Perfmon.exe). 

•  Open  a  text  editor,  such  as  Notepad. 

•  Type  the  name  and  fully  qualified  path  to  the  executable  file  for  each  program.  In  this  case,  the  file 
includes  the  following  statements. 

C : \Windows\System32\Eventvwr . exe  C : \Windows\System32\Perfmon . exe 

•  Save  the  file  as  MyApps.bat. 

2.  Use  Schtasks.exe  to  create  a  task  that  runs  MyApps.bat. 

The  following  command  creates  the  Monitor  task,  which  runs  whenever  anyone  logs  on.  It  uses  the 
/tn  parameter  to  name  the  task,  and  the  /tr  parameter  to  run  MyApps.bat.  It  uses  the  /sc  parameter  to 
indicate  the  OnLogon  schedule  type  and  the  /ru  parameter  to  run  the  task  with  the  permissions  of  the 
user's  Administrator  account. 

schtasks  /create  /tn  Monitor  /tr  C:\MyApps.bat  /sc  onlogon  /ru  Reskit\Administrator 

As  a  result  of  this  command,  whenever  a  user  logs  on  to  the  computer,  the  task  starts  both  Event 
Viewer  and  System  Monitor. 

To  schedule  a  task  that  runs  on  a  remote  computer 

To  schedule  a  task  to  run  on  a  remote  computer,  you  must  add  the  task  to  the  remote  computer's  schedule. 
Tasks  of  all  types  can  be  scheduled  on  a  remote  computer,  but  the  following  conditions  must  be  met. 

•  You  must  have  permission  to  schedule  the  task.  As  such,  you  must  be  logged  on  to  the  local  computer 
with  an  account  that  is  a  member  of  the  Administrators  group  on  the  remote  computer,  or  you  must  use 
the  /u  parameter  to  provide  the  credentials  of  an  Administrator  of  the  remote  computer. 

•  You  can  use  the  /u  parameter  only  when  the  local  and  remote  computers  are  in  the  same  domain  or  the 
local  computer  is  in  a  domain  that  the  remote  computer  domain  trusts.  Otherwise,  the  remote  computer 
cannot  authenticate  the  user  account  specified  and  it  cannot  verify  that  the  account  is  a  member  of  the 
Administrators  group. 

•  The  task  must  have  sufficient  permission  to  run  on  the  remote  computer.  The  permissions  required  vary 
with  the  task.  By  default,  the  task  runs  with  the  permission  of  the  current  user  of  the  local  computer  or,  if 
the  /u  parameter  is  used,  the  task  runs  with  the  permission  of  the  account  specified  by  the  /u  parameter. 
However,  you  can  use  the  /ru  parameter  to  run  the  task  with  permissions  of  a  different  user  account  or 
with  system  permissions. 

Examples 

An  Administrator  schedules  a  task  on  a  remote  computer 

The  following  command  schedules  the  MyApp  program  to  run  on  the  S  RV01  remote  computer  every  ten 
days  starting  immediately.  The  command  uses  the  /s  parameter  to  provide  the  name  of  the  remote  computer. 
Because  the  local  current  user  is  an  Administrator  of  the  remote  computer,  the  /u  parameter,  which  provides 
alternate  permissions  for  scheduling  the  task,  is  not  necessary. 

Please  note  that  when  scheduling  tasks  on  a  remote  computer,  all  parameters  refer  to  the  remote  computer. 
Therefore,  the  executable  file  specified  by  the  /tr  parameter  refers  to  the  copy  of  MyApp.exe  on  the  remote 
computer. 


schtasks  /create  /s  SRV01  /tn  "My  App"  /t r  "c:\program  files\corpapps\myapp.exe"  /sc  daily  /mo  10 

In  response,  schtasks  displays  a  success  message  indicating  that  the  task  is  scheduled. 

A  user  schedules  a  command  on  a  remote  computer  (Case  1) 

The  following  command  schedules  the  MyApp  program  to  run  on  the  S  RV06  remote  computer  every  three 
hours.  Because  Administrator  permissions  are  required  to  schedule  a  task,  the  command  uses  the  /u  and  /p 
parameters  to  provide  the  credentials  of  the  user's  Administrator  account  (AdminOI  in  the  Reskits  domain). 
By  default,  these  permissions  are  also  used  to  run  the  task.  However,  because  the  task  does  not  need 
Administrator  permissions  to  run,  the  command  includes  the  /u  and  /rp  parameters  to  override  the  default 
and  run  the  task  with  permission  of  the  user's  non-Administrator  account  on  the  remote  computer. 

schtasks  /create  /s  SRV06  /tn  "My  App"  /tr  "c:\program  files\corpapps\myapp.exe"  /sc  hourly  /mo  3  /u 
reskits\admin01  /p  R43253@4$  /ru  SRV06\user03  /rp  MyFavUPswd 

In  response,  schtasks  displays  a  success  message  indicating  that  the  task  is  scheduled. 

A  user  schedules  a  command  on  a  remote  computer  (Case  2) 

The  following  command  schedules  the  MyApp  program  to  run  on  the  S  RV02  remote  computer  on  the  last 
day  of  every  month.  Because  the  local  current  user  (user03)  is  not  an  Administrator  of  the  remote  computer, 
the  command  uses  the  /u  parameter  to  provide  the  credentials  of  the  user's  Administrator  account  (AdminOI 
in  the  Reskits  domain).  The  Administrator  account  permissions  will  be  used  to  schedule  the  task  and  to  run 
the  task. 

schtasks  /create  /s  SRV02  /tn  "My  App"  /tr  "c:\program  files\corpapps\myapp.exe"  /sc  monthly  /mo  LASTDAY 
/m  *  /u  reskits\admin01 

Because  the  command  did  not  include  the  /p  (password)  parameter,  schtasks  prompts  for  the  password. 
Then  it  displays  a  success  message  and,  in  this  case,  a  warning. 

Type  the  password  for  reskits\admin01:******** 

SUCCESS:  The  scheduled  task  "My  App"  has  successfully  been  created. 

WARNING:  The  Scheduled  task  "My  App"  has  been  created,  but  may  not  run  because 
the  account  information  could  not  be  set. 

This  warning  indicates  that  the  remote  domain  could  not  authenticate  the  account  specified  by  the  /u 
parameter.  In  this  case,  the  remote  domain  could  not  authenticate  the  user  account  because  the  local 
computer  is  not  a  member  of  a  domain  that  the  remote  computer  domain  trusts.  When  this  occurs,  the  task 
job  appears  in  the  list  of  scheduled  tasks,  but  the  task  is  actually  empty  and  it  will  not  run. 

The  following  display  from  a  verbose  query  exposes  the  problem  with  the  task.  In  the  display,  note  that  the 
value  of  Next  Run  Time  is  Never  and  that  the  value  of  Run  As  User  is  Could  not  be  retrieved  from  the 
task  scheduler  database. 

Had  this  computer  been  a  member  of  the  same  domain  or  a  trusted  domain,  the  task  would  have  been 
successfully  scheduled  and  would  have  run  as  specified. 


HostName:  SRV44 
TaskName:  My  App 
Next  Run  Time:  Never 
Status : 

Logon  mode:  Interactive/Background 
Last  Run  Time:  Never 
Last  Result:  0 
Creator:  user03 

Schedule:  At  3:52  PM  on  day  31  of  every  month.,  start 
starting  12/14/2001 

Task  To  Run:  c:\program  files\corpapps\myapp.exe 
Start  In:  myapp.exe 
Comment:  N/A 

Scheduled  Task  State:  Disabled 
Scheduled  Type:  Monthly 
Start  Time:  3:52:00  PM 
Start  Date:  12/14/2001 
End  Date:  N/A 
Days:  31 

Months:  IAN, FEB, MAR, APR, MAY, DUN, 1UL, AUG, SEP, OCT, NO 
V,  DEC 

Run  As  User:  Could  not  be  retrieved  from  the  task  sched 
uler  database 

Delete  Task  If  Not  Rescheduled:  Enabled 
Stop  Task  If  Runs  X  Hours  and  X  Mins:  72:0 
Repeat:  Every:  Disabled 
Repeat:  Until:  Time:  Disabled 
Repeat:  Until:  Duration:  Disabled 
Repeat:  Stop  If  Still  Running:  Disabled 
Idle  Time:  Disabled 
Power  Management:  Disabled 

Remarks 

•  To  run  a  /create  command  with  the  permissions  of  a  different  user,  use  the  /u  parameter.  The  /u 
parameter  is  valid  only  for  scheduling  tasks  on  remote  computers. 

•  To  view  more  schtasks  /create  examples,  type  schtasks  /create  /?  at  a  command  prompt. 

•  To  schedule  a  task  that  runs  with  permissions  of  a  different  user,  use  the  /ru  parameter.  The  /ru  parameter 
is  valid  for  tasks  on  local  and  remote  computers. 

•  To  use  the  /u  parameter,  the  local  computer  must  be  in  the  same  domain  as  the  remote  computer  or  must 
be  in  a  domain  that  the  remote  computer  domain  trusts.  Otherwise,  either  the  task  is  not  created,  or  the 
task  job  is  empty  and  the  task  does  not  run. 

•  Schtasks  always  prompts  for  a  password  unless  you  provide  one,  even  when  you  schedule  a  task  on  the 
local  computer  using  the  current  user  account.  This  is  normal  behavior  for  schtasks. 

•  Schtasks  does  not  verify  program  file  locations  or  user  account  passwords.  If  you  do  not  enter  the  correct 
file  location  or  the  correct  password  for  the  user  account,  the  task  is  created,  but  it  does  not  run.  Also,  if 
the  password  for  an  account  changes  or  expires,  and  you  do  not  change  the  password  saved  in  the  task, 
then  the  task  does  not  run. 

•  The  System  account  does  not  have  interactive  logon  rights.  Users  do  not  see  and  cannot  interact  with 
programs  run  with  system  permissions. 

•  Each  task  runs  only  one  program.  However,  you  can  create  a  batch  file  that  starts  multiple  tasks,  and  then 
schedule  a  task  that  runs  the  batch  file. 

•  You  can  test  a  task  as  soon  as  you  create  it.  Use  the  run  operation  to  test  the  task  and  then  check  the 
SchedLgU.txt  file  (Sysfemffoof\SchedLgU.txt)  for  errors. 

schtasks  change 

Changes  one  or  more  of  the  following  properties  of  a  task. 


•  The  program  that  the  task  runs  (/tr). 

•  The  user  account  under  which  the  task  runs  (/ru). 

•  The  password  for  the  user  account  (/rp). 

•  Adds  the  interactive-only  property  to  the  task  (/it). 


Syntax 


schtasks  /change  /tn  <TaskName>  [/s  <Computen>  [/u  [<Domain>\]<User'>  [/p  <Password>] ] ]  [/ru  {[<Domain>\] 
<User>  |  System}]  [/rp  <Password>]  [/tr  <TaskRun>]  [/st  <StartTime>]  [/ri  <Interval>]  [{/et  <EndTime>  | 

/du  <Duration>}  [ /k ]  ]  [/sd  <StartDate>]  [/ed  <EndDate>]  [/{ENABLE  |  DISABLE}]  [/it]  [/z] 

Parameters 

TERM 

DEFINITION 

/tn  <TaskName> 

Identifies  the  task  to  be  changed.  Enter  the  task  name. 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer 
(with  or  without  backslashes).  The  default  is  the  local 
computer. 

/u  [<Domain>] 

Runs  this  command  with  the  permissions  of  the  specified 
user  account.  The  default  is  the  permissions  of  the  current 
user  of  the  local  computer.  The  specified  user  account  must 
be  a  member  of  the  Administrators  group  on  the  remote 
computer.  The  /u  and  /p  parameters  are  valid  only  for 
changing  a  task  on  a  remote  computer  (/s). 

/p  <  Password  > 

Specifies  the  password  of  the  user  account  specified  in  the 
/u  parameter.  If  you  use  the  /u  parameter,  but  omit  the  /p 
parameter  or  the  password  argument,  schtasks  prompts 
you  for  a  password. 

The  /u  and  /p  parameters  are  valid  only  when  you  use  /s. 

/ru  {[<Domain>] 

System) 

/rp  <  Password  > 

Specifies  a  new  password  for  the  existing  user  account,  or 
the  user  account  specified  by  the  /ru  parameter.  This 
parameter  is  ignored  with  used  with  the  local  System 

account. 

/tr  <TaskRun> 

Changes  the  program  that  the  task  runs.  Enter  the  fully 
qualified  path  and  file  name  of  an  executable  file,  script  file, 
or  batch  file.  If  you  omit  the  path,  schtasks  assumes  that 
the  file  is  in  the  <systemroot>\System32  directory.  The 
specified  program  replaces  the  original  program  run  by  the 
task. 

/st  <Starttime> 

Specifies  the  start  time  for  the  task,  using  the  24-hour 
time  format,  HH:mm.  For  example,  a  value  of  14:30  is 
equivalent  to  the  12-hour  time  of  2:30  PM. 

/ri  < Intervals 

Specifies  the  repetition  interval  for  the  scheduled  task,  in 
minutes.  Valid  range  is  1  -  599940  (599940  minutes  = 

9999  hours). 

TERM 


DEFINITION 


/et  <EndTime> 

Specifies  the  end  time  for  the  task,  using  the  24-hour  time 
format,  HH:mm.  For  example,  a  value  of  14:30  is  equivalent 
to  the  1 2-hour  time  of  2:30  PM. 

/du  <  Durations 

Specifies  to  close  the  task  at  the  <  EndTime>  or ,  if 
specified. 

A 

Stops  the  program  that  the  task  runs  at  the  time  specified 
by  /et  or  /du.  Without  /k,  schtasks  does  not  start  the 
program  again  after  it  reaches  the  time  specified  by  /et  or 
/du,  but  it  does  not  stop  the  program  if  it  is  still  running. 
This  parameter  is  optional  and  valid  only  with  a  MINUTE  or 
HOURLY  schedule. 

/sd  <StartDate> 

Specifies  the  first  date  on  which  the  task  should  be  run.  The 
date  format  is  MM/DD/YYYY. 

/ed  <EndDate> 

Specifies  the  last  date  on  which  the  task  should  be  run.  The 
format  is  MM/DD/YYYY. 

/ENABLE 

Specifies  to  enable  the  scheduled  task. 

/DISABLE 

Specifies  to  disable  the  scheduled  task. 

/it 

Specifies  to  run  the  scheduled  task  only  when  the  "run  as" 
user  (the  user  account  under  which  the  task  runs)  is  logged 
on  to  the  computer. 

This  parameter  has  no  effect  on  tasks  that  run  with  system 
permissions  or  tasks  that  already  have  the  interactive-only 
property  set.  You  cannot  use  a  change  command  to 
remove  the  interactive-only  property  from  a  task. 

By  default,  the  "run  as"  user  is  the  current  user  of  the  local 
computer  when  the  task  is  scheduled  or  the  account 
specified  by  the  /u  parameter,  if  one  is  used.  However,  if 
the  command  includes  the  /ru  parameter,  then  the  "run  as" 
user  is  the  account  specified  by  the  /ru  parameter. 

/z 

Specifies  to  delete  the  task  upon  the  completion  of  its 
schedule. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  /tn  and  /s  parameters  identify  the  task.  The  /tr,  /ru,  and  /rp  parameters  specify  properties  of  the  task 
that  you  can  change. 

•  The  /ru,  and  /rp  parameters  specify  the  permissions  under  which  the  task  runs.  The  /u  and  /p  parameters 
specify  the  permissions  used  to  change  the  task. 

•  To  change  tasks  on  a  remote  computer,  the  user  must  be  logged  on  to  the  local  computer  with  an  account 
that  is  a  member  of  the  Administrators  group  on  the  remote  computer. 

•  To  run  a  /change  command  with  the  permissions  of  a  different  user  (/u,  /p),  the  local  computer  must  be 
in  the  same  domain  as  the  remote  computer  or  must  be  in  a  domain  that  the  remote  computer  domain 
trusts. 

•  The  System  account  does  not  have  interactive  logon  rights.  Users  do  not  see  and  cannot  interact  with 
programs  run  with  system  permissions. 


•  To  identify  tasks  with  the  /it  property,  use  a  verbose  query  (/query  /v).  In  a  verbose  query  display  of  a 
task  with  /it,  the  Logon  Mode  field  has  a  value  of  Interactive  only. 

Examples 

To  change  the  program  that  a  task  runs 

The  following  command  changes  the  program  that  the  Virus  Check  task  runs  from  VirusCheck.exe  to 
VirusCheck2.exe.  This  command  uses  the  /tn  parameter  to  identify  the  task  and  the  /tr  parameter  to  specify 
the  new  program  for  the  task.  (You  cannot  change  the  task  name.) 

schtasks  /change  /tn  "Virus  Check"  /tr  C:\VirusCheck2.exe 

In  response,  SchTasks.exe  displays  the  following  success  message: 

SUCCESS:  The  parameters  of  the  scheduled  task  "Virus  Check"  have  been  changed. 

As  a  result  of  this  command,  the  Virus  Check  task  now  runs  VirusCheck2.exe. 

To  change  the  password  for  a  remote  task 

The  following  command  changes  the  password  of  the  user  account  for  the  RemindMe  task  on  the  remote 
computer,  SvrOI .  The  command  uses  the  /tn  parameter  to  identify  the  task  and  the  /s  parameter  to  specify 
the  remote  computer.  It  uses  the  /rp  parameter  to  specify  the  new  password,  p@ssWord3. 

This  procedure  is  required  whenever  the  password  for  a  user  account  expires  or  changes.  If  the  password 
saved  in  a  task  is  no  longer  valid,  then  the  task  does  not  run. 

schtasks  /change  /tn  RemindMe  /s  Svr01  /rp  p@ssWord3 

In  response,  SchTasks.exe  displays  the  following  success  message: 

SUCCESS:  The  parameters  of  the  scheduled  task  "RemindMe"  have  been  changed. 

As  a  result  of  this  command,  the  RemindMe  task  now  runs  under  its  original  user  account,  but  with  a  new 
password. 

To  change  the  program  and  user  account  for  a  task 

The  following  command  changes  the  program  that  a  task  runs  and  changes  the  user  account  under  which  the 
task  runs.  Essentially,  it  uses  an  old  schedule  for  a  new  task.  This  command  changes  the  ChkNews  task,  which 
starts  Notepad.exe  every  morning  at  9:00  A.M.,  to  start  Internet  Explorer  instead. 

The  command  uses  the  /tn  parameter  to  identify  the  task.  It  uses  the  /tr  parameter  to  change  the  program 
that  the  task  runs  and  the  /ru  parameter  to  change  the  user  account  under  which  the  task  runs. 

The  /ru,  and  /rp  parameter,  which  provides  the  password  for  the  user  account,  is  omitted.  You  must  provide  a 
password  for  the  account,  but  you  can  use  the  /ru,  and  /rp  parameter  and  type  the  password  in  clear  text,  or 
wait  for  SchTasks.exe  to  prompt  you  for  a  password,  and  then  enter  the  password  in  obscured  text. 

schtasks  /change  /tn  ChkNews  /tn  "c:\program  files\Internet  Explorer\iexplore.exe"  /ru  DomainX\Admin01 

In  response,  SchTasks.exe  requests  the  password  for  the  user  account.  It  obscures  the  text  you  type,  so  the 
password  is  not  visible. 


Please  enter  the  password  for  DomainX\Admin01 : 

Note  that  the  /tn  parameter  identifies  the  task  and  that  the  /tr  and  /ru  parameters  change  the  properties  of 
the  task.  You  cannot  use  another  parameter  to  identify  the  task  and  you  cannot  change  the  task  name. 

In  response,  SchTasks.exe  displays  the  following  success  message: 

SUCCESS:  The  parameters  of  the  scheduled  task  "ChkNews"  have  been  changed. 

As  a  result  of  this  command,  the  ChkNews  task  now  runs  Internet  Explorer  with  the  permissions  of  an 
Administrator  account. 

To  change  a  program  to  the  System  account 

The  following  command  changes  the  Security  Script  task  so  that  it  runs  with  permissions  of  the  System 
account.  It  uses  the  /ru  ""  parameter  to  indicate  the  System  account. 

schtasks  /change  /tn  SecurityScript  /ru  "" 

In  response,  SchTasks.exe  displays  the  following  success  message: 

INFO:  The  run  as  user  name  for  the  scheduled  task  "SecurityScript"  will  be  changed  to  "NT 
AUTHORITY\SYSTEM" . 

SUCCESS:  The  parameters  of  the  scheduled  task  "SecurityScript"  have  been  changed. 

Because  tasks  run  with  System  account  permissions  do  not  require  a  password,  SchTasks.exe  does  not 
prompt  for  one. 

To  run  a  program  only  when  I  am  logged  on 

The  following  command  adds  the  interactive-only  property  to  MyApp,  an  existing  task.  This  property  assures 
that  the  task  runs  only  when  the  "run  as"  user,  that  is,  the  user  account  under  which  the  task  runs,  is  logged  on 
to  the  computer. 

The  command  uses  the  /tn  parameter  to  identify  the  task  and  the  /it  parameter  to  add  the  interactive-only 
property  to  the  task.  Because  the  task  already  runs  with  the  permissions  of  my  user  account,  I  do  not  need  to 
change  the  /ru  parameter  for  the  task. 

schtasks  /change  /tn  MyApp  /it 

In  response,  SchTasks.exe  displays  the  following  success  message. 

SUCCESS:  The  parameters  of  the  scheduled  task  "MyApp"  have  been  changed. 


schtasks  run 

Starts  a  scheduled  task  immediately.  The  run  operation  ignores  the  schedule,  but  uses  the  program  file 
location,  user  account,  and  password  saved  in  the  task  to  run  the  task  immediately. 

Syntax 

schtasks  /run  /tn  <TaskName>  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 


Parameters 


TERM 

DEFINITION 

/tn  <TaskName> 

Required.  Identifies  the  task. 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer 
(with  or  without  backslashes).  The  default  is  the  local 
computer. 

/u  [< Domains] 

Runs  this  command  with  the  permissions  of  the  specified 
user  account.  By  default,  the  command  runs  with  the 
permissions  of  the  current  user  of  the  local  computer. 

The  specified  user  account  must  be  a  member  of  the 
Administrators  group  on  the  remote  computer.  The  /u  and 
/p  parameters  are  valid  only  when  you  use  /s. 

/p  < Passwords 

Specifies  the  password  of  the  user  account  specified  in  the 
/u  parameter.  If  you  use  the  /u  parameter,  but  omit  the  /p 
parameter  or  the  password  argument,  schtasks  prompts 
you  for  a  password. 

The  /u  and  /p  parameters  are  valid  only  when  you  use  /s. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Use  this  operation  to  test  your  tasks.  If  a  task  does  not  run,  check  the  Task  Scheduler  Service  transaction 
log,  <Systemroot>\SchedLgU.txt,  for  errors. 

•  Running  a  task  does  not  affect  the  task  schedule  and  does  not  change  the  next  run  time  scheduled  for  the 
task. 

•  To  run  a  task  remotely,  the  task  must  be  scheduled  on  the  remote  computer.  When  you  run  it,  the  task  runs 
only  on  the  remote  computer.  To  verify  that  a  task  is  running  on  a  remote  computer,  use  Task  Manager  or 
the  Task  Scheduler  transaction  log,  <Systemroot>\SchedLgU.txt. 

Examples 

To  run  a  task  on  the  local  computer 

The  following  command  starts  the  "Security  Script"  task. 

schtasks  /run  /tn  "Security  Script" 

In  response,  SchTasks.exe  starts  the  script  associated  with  the  task  and  displays  the  following  message: 

SUCCESS:  Attempted  to  run  the  scheduled  task  "Security  Script". 

As  the  message  implies,  schtasks  tries  to  start  the  program,  but  it  cannot  very  that  the  program  actually 
started. 

To  run  a  task  on  a  remote  computer 

The  following  command  starts  the  Update  task  on  a  remote  computer,  SvrOI : 

schtasks  /run  /tn  Update  /s  Svr01 


In  this  case,  SchTasks.exe  displays  the  following  error  message: 


ERROR:  Unable  to  nun  the  scheduled  task  "Update". 


To  find  the  cause  of  the  error,  look  in  the  Scheduled  Tasks  transaction  log,  C:\Windows\SchedLgU.txt  on 
SvrOI .  In  this  case,  the  following  entry  appears  in  the  log: 

"Update. job"  (update.exe)  3/26/2001  1:15:46  PM  **  ERROR  ** 

The  attempt  to  log  on  to  the  account  associated  with  the  task  failed ,  therefore,  the  task  did  not  run. 
The  specific  error  is: 

0x8007052e:  Logon  failure:  unknown  user  name  or  bad  password. 

Verify  that  the  task's  Run-as  name  and  password  are  valid  and  try  again. 


Apparently,  the  user  name  or  password  in  the  task  is  not  valid  on  the  system.  The  following  schtasks 
/change  command  updates  the  user  name  and  password  for  the  Update  task  on  SvrOI : 

schtasks  /change  /tn  Update  /s  Svr01  /ru  Administrator  /r p  PassW@rd3 


After  the  change  command  completes,  the  run  command  is  repeated.  This  time,  the  Update.exe  program 
starts  and  SchTasks.exe  displays  the  following  message: 

SUCCESS:  Attempted  to  run  the  scheduled  task  "Update". 


As  the  message  implies,  schtasks  tries  to  start  the  program,  but  it  cannot  very  that  the  program  actually 
started. 

schtasks  end 

Stops  a  program  started  by  a  task. 

Syntax 

schtasks  /end  /tn  <TaskName>  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 


Parameters 

TERM  DEFINITION 


/tn  <TaskName> 


Required.  Identifies  the  task  that  started  the  program. 


/s  <Computer> 


Specifies  the  name  or  IP  address  of  a  remote  computer.  The 
default  is  the  local  computer. 


/u  [<Domain>]  Runs  this  command  with  the  permissions  of  the  specified 

user  account.  By  default,  the  command  runs  with  the 
permissions  of  the  current  user  of  the  local  computer.  The 
specified  user  account  must  be  a  member  of  the 
Administrators  group  on  the  remote  computer.  The  /u  and 
/p  parameters  are  valid  only  when  you  use  /s. 


/p  <  Password  >  Specifies  the  password  of  the  user  account  specified  in  the 

/u  parameter.  If  you  use  the  /u  parameter,  but  omit  the  /p 
parameter  or  the  password  argument,  schtasks  prompts 
you  for  a  password. 

The  /u  and  /p  parameters  are  valid  only  when  you  use  /s. 


TERM 


DEFINITION 


/?  Displays  help. 

Remarks 

SchTasks.exe  ends  only  the  instances  of  a  program  started  by  a  scheduled  task.  To  stop  other  processes,  use 
TaskKill.  For  more  information,  see  Taskkill. 

Examples 

To  end  a  task  on  a  local  computer 

The  following  command  stops  the  instance  of  Notepad.exe  that  was  started  by  the  My  Notepad  task: 

schtasks  /end  /tn  "My  Notepad" 

In  response,  SchTasks.exe  stops  the  instance  of  Notepad.exe  that  the  task  started,  and  it  displays  the 
following  success  message: 

SUCCESS:  The  scheduled  task  "My  Notepad"  has  been  terminated  successfully. 

To  end  a  task  on  a  remote  computer 

The  following  command  stops  the  instance  of  Internet  Explorer  that  was  started  by  the  InternetOn  task  on 
the  remote  computer,  SvrOI : 

schtasks  /end  /tn  InternetOn  /s  Svr01 

In  response,  SchTasks.exe  stops  the  instance  of  Internet  Explorer  that  the  task  started,  and  it  displays  the 
following  success  message: 

SUCCESS:  The  scheduled  task  "InternetOn"  has  been  terminated  successfully. 


schtasks  delete 

Deletes  a  scheduled  task. 

Syntax 

schtasks  /delete  /tn  {<TaskName>  | 

*}  [/f]  [ /s  <Computer>  [/u  [<Domain>\]<User>  [/p  <Password>] ] ] 

Parameters 

TERM 

DEFINITION 

/tn  {<TaskName> 

*} 

/f 

Suppresses  the  confirmation  message.  The  task  is  deleted 
without  warning. 

/s  <Computer>  Specifies  the  name  or  IP  address  of  a  remote  computer 

(with  or  without  backslashes).  The  default  is  the  local 
computer. 


TERM 


DEFINITION 


/u  [<Domain>]  Runs  this  command  with  the  permissions  of  the  specified 

user  account.  By  default,  the  command  runs  with  the 
permissions  of  the  current  user  of  the  local  computer. 

The  specified  user  account  must  be  a  member  of  the 
Administrators  group  on  the  remote  computer.  The  /u  and 
/p  parameters  are  valid  only  when  you  use  /s. 


/p  <  Password  >  Specifies  the  password  of  the  user  account  specified  in  the 

/u  parameter.  If  you  use  the  /u  parameter,  but  omit  the  /p 
parameter  or  the  password  argument,  schtasks  prompts 
you  for  a  password. 

The  /u  and  /p  parameters  are  valid  only  when  you  use  /s. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

•  The  delete  operation  deletes  the  task  from  the  schedule.  It  does  not  delete  the  program  that  the  task  runs 
or  interrupt  a  running  program. 

•  The  delete  \*  command  deletes  all  tasks  scheduled  for  the  computer,  not  just  the  tasks  scheduled  by  the 
current  user. 

Examples 

To  delete  a  task  from  the  schedule  of  a  remote  computer 

The  following  command  deletes  the  "Start  Mail"  task  from  the  schedule  of  a  remote  computer.  It  uses  the  /s 
parameter  to  identify  the  remote  computer. 

schtasks  /delete  /tn  "Start  Mail"  /s  Svrl6 

In  response,  SchTasks.exe  displays  the  following  confirmation  message.  To  delete  the  task,  press  Y.  To  cancel 
the  command,  type  n: 

WARNING:  Are  you  sure  you  want  to  remove  the  task  "Start  Mail"  (Y/N  )? 

SUCCESS:  The  scheduled  task  "Start  Mail"  was  successfully  deleted. 

To  delete  all  tasks  scheduled  for  the  local  computer 

The  following  command  deletes  all  tasks  from  the  schedule  of  the  local  computer,  including  tasks  scheduled 
by  other  users.  It  uses  the  /tn  \*  parameter  to  represent  all  tasks  on  the  computer  and  the  /f  parameter  to 
suppress  the  confirmation  message. 

schtasks  /delete  /tn  *  /f 

In  response,  SchTasks.exe  displays  the  following  success  messages  indicating  that  the  only  task  scheduled, 
SecureScript,  is  deleted. 

SUCCESS:  The  scheduled  task  "SecureScript"  was  successfully  deleted. 


schtasks  query 

Displays  tasks  scheduled  to  run  on  the  computer. 


Syntax 


schtasks  [/query]  [/fo  {TABLE  |  LIST  |  CSV}]  [/nh]  [/v]  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p 
<Password>] ] ] 


Parameters 

TERM  DEFINITION 


[/query] 

The  operation  name  is  optional.  Typing  schtasks  without 
any  parameters  performs  a  query. 

/fo  {TABLE 

LIST 

/nh 

Omits  column  headings  from  the  table  display.  This 
parameter  is  valid  with  the  TABLE  and  CSV  output 
formats. 

/v 

Adds  advanced  properties  of  the  tasks  to  the  display. 
Queries  using  /v  should  be  formatted  as  LIST  or  CSV. 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer 
(with  or  without  backslashes).  The  default  is  the  local 
computer. 

/u  [<Domain>] 

Runs  this  command  with  the  permissions  of  the  specified 
user  account.  By  default,  the  command  runs  with  the 
permissions  of  the  current  user  of  the  local  computer. 

The  specified  user  account  must  be  a  member  of  the 
Administrators  group  on  the  remote  computer.  The  /u  and 
/p  parameters  are  valid  only  when  you  use  /s. 

/p  <  Password  > 

Specifies  the  password  of  the  user  account  specified  in  the 
/u  parameter.  If  you  use  /u,  but  omit  /p  or  the  password 
argument,  schtasks  prompts  you  for  a  password. 

The  /u  and  /p  parameters  are  valid  only  when  you  use  /s. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

SchTasks.exe  ends  only  the  instances  of  a  program  started  by  a  scheduled  task.  To  stop  other  processes,  use 
TaskKill.  For  more  information,  see  Taskkill. 

Examples 

To  display  the  scheduled  tasks  on  the  local  computer 

The  following  commands  display  all  tasks  scheduled  for  the  local  computer.  These  commands  produce  the 
same  result  and  can  be  used  interchangeably. 

schtasks 
schtasks  /query 

In  response,  SchTasks.exe  displays  the  tasks  in  the  default,  simple  table  format,  as  shown  in  the  following 
table: 


TaskName  Next  Run  Time  Status 


Microsoft  Outlook  At  logon  time 
SecureScript  14:42:00  PM  ,  2/4/2001 


To  display  advanced  properties  of  scheduled  tasks 

The  following  command  requests  a  detailed  display  of  the  tasks  on  the  local  computer.  It  uses  the  /v 
parameter  to  request  a  detailed  (verbose)  display  and  the  /fo  LIST  parameter  to  format  the  display  as  a  list 
for  easy  reading.  You  can  use  this  command  to  verify  that  a  task  you  created  has  the  intended  recurrence 
pattern. 

schtasks /query  /fo  LIST  /v 

In  response,  SchTasks.exe  displays  a  detailed  property  list  for  all  tasks.  The  following  display  shows  the  task 
list  for  a  task  scheduled  to  run  at  4:00  A.M.  on  the  last  Friday  of  every  month: 

HostName:  RESKIT01 

TaskName:  SecureScript 

Next  Run  Time:  4:00:00  AM  ,  3/30/2001 

Status:  Not  yet  run 

Logon  mode:  Interactive/Background 

Last  Run  Time:  Never 

Last  Result:  0 

Creator:  user01 

Schedule:  At  4:00  AM  on  the  last  Fri  of  every  month,  starting  3/24/2001 
Task  To  Run:  C:\WINDOWS\system32\notepad.exe 
Start  In:  notepad.exe 
Comment:  N/A 

Scheduled  Task  State:  Enabled 
Scheduled  Type:  Monthly 
Modifier:  Last  FRIDAY 
Start  Time:  4:00:00  AM 
Start  Date:  3/24/2001 
End  Date:  N/A 
Days:  FRIDAY 

Months:  1AN,FEB,MAR,APR,MAY,1UN,IUL,AUG,SEP,0CT,N0V,DEC 

Run  As  User:  RESKIT\user01 

Delete  Task  If  Not  Rescheduled:  Enabled 

Stop  Task  If  Runs  X  Hours  and  X  Mins:  72:0 

Repeat:  Until  Time:  Disabled 

Repeat:  Duration:  Disabled 

Repeat:  Stop  If  Still  Running:  Disabled 

Idle:  Start  Time(For  IDLE  Scheduled  Type):  Disabled 

Idle:  Only  Start  If  Idle  for  X  Minutes:  Disabled 

Idle:  If  Not  Idle  Retry  For  X  Minutes:  Disabled 

Idle:  Stop  Task  If  Idle  State  End:  Disabled 

Power  Mgmt:  No  Start  On  Batteries:  Disabled 

Power  Mgmt:  Stop  On  Battery  Mode:  Disabled 


To  log  tasks  scheduled  for  a  remote  computer 

The  following  command  requests  a  list  of  tasks  scheduled  for  a  remote  computer,  and  adds  the  tasks  to  a 
comma-separated  log  file  on  the  local  computer.  You  can  use  this  command  format  to  collect  and  track  tasks 
that  are  scheduled  for  multiple  computers. 

The  command  uses  the  /s  parameter  to  identify  the  remote  computer,  Reskitl  6,  the  /fo  parameter  to  specify 
the  format  and  the  /nh  parameter  to  suppress  the  column  headings.  The  >  >  append  symbol  redirects  the 
output  to  the  task  log,  pOI  02.csv,  on  the  local  computer,  SvrOI .  Because  the  command  runs  on  the  remote 
computer,  the  local  computer  path  must  be  fully  qualified. 


schtasks  /query  /s  Reskitl6  / fo  csv  /nh  >>  \\svr01\data\tasklogs\p0102.csv 


In  response,  SchTasks.exe  adds  the  tasks  scheduled  for  the  Reskitl  6  computer  to  the  p0 1 02.csv  file  on  the 
local  computer,  SvrOI. 

Additional  references 

Command-Line  Syntax  Key 


Scwcmd 

1/8/201 8  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  2012  R2,  Windows  Server  201 2 


The  Scwcmd.exe  command-line  tool  included  with  the  Security  Configuration  Wizard  (SCW)  can  be  used  to 
perform  the  following  tasks: 

•  Configure  one  or  many  servers  with  an  SCW-generated  policy. 

•  Analyze  one  or  many  servers  with  an  SCW-generated  policy. 

•  View  analysis  results  in  HTML  format. 

•  Roll  back  SCW  policies. 

•  Transform  an  SCW-generated  policy  into  native  files  that  are  supported  by  Group  Policy. 

•  Register  a  Security  Configuration  Database  extension  with  SCW. 

When  you  use  scwcmd  to  configure,  analyze,  or  roll  back  a  policy  on  a  remote  server,  SCW  must  be  installed  on 
the  remote  server. 

Syntax 

scwcmd  <command>  [<subcommand>] 


Parameters 


SUBCOMMAND 

DESCRIPTION 

/analyze 

Determines  whether  a  computer  is  in  compliance  with  a  policy. 
See  Scwcmd:  analyze  for  syntax  and  options. 

/configure 

Applies  an  SCW-generated  security  policy  to  a  computer. 

See  Scwcmd:  configure  for  syntax  and  options. 

/register 

Extends  or  customizes  the  SCW  Security  Configuration 

Database  by  registering  a  Security  Configuration  Database  file 
that  contains  role,  task,  service,  or  port  definitions. 

See  Scwcmd:  register  for  syntax  and  options. 

/rollback 

Applies  the  most  recent  rollback  policy  available,  and  then 
deletes  that  rollback  policy. 

See  Scwcmd:  rollback  for  syntax  and  options. 

/transform 

Transforms  a  security  policy  file  generated  by  using  SCW  into  a 
new  Group  Policy  object  (GPO)  in  Active  Directory  Domain 
Services. 

See  Scwcmd:  transform  syntax  and  options. 

/view 

Renders  an  .xml  file  by  using  a  specified  .xsl  transform. 

See  Scwcmd:  view  for  syntax  and  options. 

SUBCOMMAND 


DESCRIPTION 


/? 


Displays  help  at  the  command  prompt. 


Additional  references 

•  Command-Line  Syntax  Key 


Scwcmd:  analyze 

1 0/1 7/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  2012  R2,  Windows  Server  201 2 


Determines  whether  a  computer  is  in  compliance  with  a  policy.  Results  are  returned  in  an  .xml  file.  Also  accepts  a 
list  of  computer  names  as  input.  To  view  the  results  in  your  browser,  use  scwcmd  view  and  specify 

%windir%\security\msscw\TransformFiles\scwanalysis.xsl  as  the  .xsl  transform.  For  examples  of  how  this 
command  can  be  used,  see  Examples. 

Syntax 

scwcmd  analyze  [ [ [/m: <ComputerName>  |  /ou:<0u>]  /p:<Policy>]  |  /I : <ComputerList>]  [/o: 

<ResultDir>]  [/u : <UsenName>]  [/pw: <Passwond>]  [/t : <Threads>]  [ /I ]  [/e] 


Parameters 


PARAMETER 

DESCRIPTION 

/m:<ComputerName> 

Specifies  the  NetBIOS  name,  DNS  name,  or  IP  address  of  the 
computer  to  analyze.  If  the  /m  parameter  is  specified,  then  the 
/p  parameter  must  also  be  specified. 

/ou:<OuName> 

Specifies  the  fully  qualified  domain  name  (FQDN)  of  an 
organizational  unit  (OU)  in  Active  Directory  Domain  Services. 

If  the  /ou  parameter  is  specified,  then  the  /p  parameter  must 
also  be  specified.  All  computers  in  the  OU  will  be  analyzed 
against  the  given  policy. 

/p:<Policy> 

Specifies  the  path  and  file  name  of  the  .xml  policy  file  to  be 
used  to  perform  the  analysis. 

/i:<ComputerList> 

Specifies  the  path  and  file  name  of  an  .xml  file  that  contains  a 
list  of  computers  along  with  their  expected  policy  files.  All 
computers  in  the  .xml  file  will  be  analyzed  against  their 
corresponding  policy  files.  A  sample  .xml  file  is 
%windir%\security\SampleMachineList.xml. 

/o:<ResultDir> 

Specifies  the  path  and  directory  where  the  analysis  result  files 
should  be  saved.  The  default  is  the  current  directory. 

/u:<UserName> 

Specifies  an  alternate  user  credential  to  use  when  performing 
the  analysis  on  a  remote  computer.  The  default  is  the  logged 

on  user. 

/pw:<  Password  > 

Specifies  an  alternate  user  credential  to  use  when  performing 
the  analysis  on  a  remote  computer.  The  default  is  the 
password  of  the  logged  on  user. 

PARAMETER 


DESCRIPTION 


/t:<Threads>  Specifies  the  number  of  simultaneous  outstanding  analysis 

operations  that  should  be  maintained  during  the  analysis 
(DefaultValue=40,  MinValue=1,  MaxValue=1000). 


/I  Causes  the  analysis  process  to  be  logged.  One  log  file  will  be 

generated  for  each  computer  being  analyzed.  The  log  files  will 
be  stored  in  the  same  directory  as  the  result  files.  Use  the  /o 
option  to  specify  the  directory  for  the  result  files. 


/e 


Log  an  event  to  the  Application  Event  log  if  a  mismatch  is 
found. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

Scwcmd.exe  is  only  available  on  computers  running  Windows  Server  2008  R2,  Windows  Server  2008,  or 
Windows  Server  2003. 

Examples 

To  analyze  a  security  policy  against  the  file  webpolicy.xml,  type: 
scwcmd  analyze  /p:webpolicy .xml 

To  analyze  a  security  policy  on  the  computer  named  Webserver  against  the  file  webpolicy.xml  by  using  the 
credentials  of  the  webadmin  account,  type: 

scwcmd  analyze  /m:webserver  /p:webpolicy.xml  /u:webadmin 

To  analyze  a  security  policy  against  the  file  webpolicy.xml,  with  a  maximum  of  1 00  threads,  and  output  the  results 
to  a  file  named  results  in  the  resultserver  share,  type: 

scwcmd  analyze  /i:webpolicy.xml  /t:100  /o:\\resultserver\results 

To  analyze  a  security  policy  for  the  WebServers  OU  against  the  file  webpolicy.xml  by  using  the  DomainAdmin 
credentials,  type: 

scwcmd  analyze  /ou:OU=WebServersJDC=MarketingJDC=ABCCompany,DC=com  /p:webpolicy.xml  /u: DomainAdmin 

Additional  references 

•  Command-Line  Syntax  Key 


Scwcmd:  configure 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  2012  R2,  Windows  Server  201 2 

Applies  a  Security  Configuration  Wizard  (SCW)-generated  security  policy  to  a  computer.  This  command-line  tool 
also  accepts  a  list  of  computer  names  as  input. 

Syntax 


scwcmd  configure  [[[/m:<ComputerName> 
<Password>]  [/t:<Threads>] 

|  /ou:<0uName>]  /p:<Policy>]  |  /i:<ComputerList>]  [/u : <UserName>]  [/pw: 

Parameters 


PARAMETER 

DESCRIPTION 

/m:<ComputerName> 

Specifies  the  NetBIOS  name,  DNS  name,  or  IP  address  of  the 
computer  to  configure.  If  the  /m  parameter  is  specified,  then 
the  /p  parameter  must  also  be  specified. 

/ou:<OuName> 

Specifies  the  fully  qualified  domain  name  (FQDN)  of  an 
organizational  unit  (OU)  in  Active  Directory  Domain  Services. 

If  the  /ou  parameter  is  specified,  then  the  /p  parameter  must 
also  be  specified.  All  computers  in  the  OU  will  be  analyzed 
according  to  the  given  policy. 

/p:<Policy> 

Specifies  the  path  and  file  name  of  the  .xml  policy  file  to  be 
used  to  perform  the  configuration. 

/i:<ComputerList> 

Specifies  the  path  and  file  name  of  an  .xml  file  that  contains  a 
list  of  computers  along  with  their  expected  policy  files.  All 
computers  in  the  .xml  file  will  be  configured  according  to  their 
corresponding  policy  files.  A  sample  .xml  file  is 
%windir%\security\SampleMachineList.xml. 

/u:<UserName> 

Specifies  an  alternate  user  credential  to  use  when  configuring 
a  remote  computer.  The  default  is  the  logged  on  user. 

/pw:<  Password  > 

Specifies  an  alternate  user  credential  to  use  when  configuring 
a  remote  computer.  The  default  is  the  password  of  the  logged 

on  user. 

/t:<Th  reads  > 

Specifies  the  number  of  simultaneous  outstanding 
configuration  operations  that  should  be  maintained  during  the 
configuration  process  (DefaultValue=40,  MinValue=1, 
MaxValue=1000). 

/? 

Displays  help  at  the  command  prompt. 

Remarks 


Scwcmd.exe  is  only  available  on  computers  running  Windows  Server  2008  R2,  Windows  Server  2008,  or 
Windows  Server  2003. 

Examples 

To  configure  a  security  policy  against  the  file  webpolicy.xml,  type: 
scwcmd  configure  /p:webpolicy .xml 

To  configure  a  security  policy  for  the  computer  at  1 72.1 6.0.0  against  the  file  webpolicy.xml  by  using  the  webadmin 
account  credentials,  type: 

scwcmd  configure  /m:172.16.0.0  /p:webpolicy .xml  /u:webadmin 

To  configure  a  security  policy  on  all  computers  on  the  list  campusmachines.xml  with  a  maximum  of  1 00  threads, 
type: 

scwcmd  configure  /i:campusmachines.xml  /t:100 

To  configure  a  security  policy  on  all  computers  in  the  WebServers  OU  against  the  file  webpolicy.xml  by  using  the 
credentials  of  the  DomainAdmin  account,  type: 

scwcmd  configure  /ou:OU=WebServers,DC=Marketing,DC=ABCCompanyjDC=com  /p:webpolicy.xml  /u: DomainAdmin 

Additional  references 


•  Command-Line  Syntax  Key 


Scwcmd:  register 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  2012  R2,  Windows  Server  201 2 


Extends  or  customizes  the  Security  Configuration  Wizard  (SCW)  Security  Configuration  Database  by  registering  a 
Security  Configuration  Database  file  that  contains  role,  task,  service,  or  port  definitions. 

Syntax 

scwcmd  register  /kbname:<MyApp>  [/kbfile:<kb.xml>]  [/kb:<path>]  [/d] 


Parameters 

PARAMETER 


DESCRIPTION 


/kbname:<MyApp> 

Specifies  the  name  under  which  the  Security  Configuration 
Database  extension  will  be  registered.  This  parameter  must  be 
specified. 

/kbfile:<Kb.xml> 

Specifies  the  path  and  file  name  of  the  Security  Configuration 
Database  file  that  will  be  used  to  extend  or  customize  the  base 
Security  Configuration  Database.  To  validate  that  the  Security 
Configuration  Database  file  is  compliant  with  the  SCW  schema, 
use  the  %windir%\security\KBRegistrationlnfo.xsd  schema 
definition  file.  This  option  must  be  provided  unless  the  /d 
parameter  is  specified. 

/kb:  <  Path  > 

Specifies  the  path  to  the  directory  that  contains  the  SCW 
Security  Configuration  Database  files  to  be  updated.  If  this 
option  is  not  specified,  %windir%\security\msscw\kbs  is  used. 

/d 

Unregisters  a  Security  Configuration  Database  extension  from 
the  Security  Configuration  Database.  The  extension  to 
unregister  is  specified  by  the  /kbname  parameter.  (The  /kbfile 
parameter  should  not  be  specified.)  The  Security  Configuration 
Database  to  unregister  the  extension  from  is  specified  by  the 
/kb  parameter. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

Scwcmd.exe  is  only  available  on  computers  running  Windows  Server  2008  R2,  Windows  Server  2008,  or 
Windows  Server  2003. 

Examples 

To  register  the  Security  Configuration  Database  file  named  SCWKBForMyApp.xml  under  the  name  MyApp  in  the 
location  \\kbserver\kb,  type: 


scwcmd  register  /kbfile:d:\SCWKBForMyApp.xml  /kbname:MyApp  /kb:\\kbserver\kb 


To  unregister  the  Security  Configuration  Database  MyApp  located  at  \\kbserver\kb,  type: 


scwcmd  register  / d  /kbname: MyApp  /kb:\\kbserver\kb 


Additional  references 

•  Command-Line  Syntax  Key 


secedit 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Configures  and  analyzes  system  security  by  comparing  your  current  configuration  to  specified  security  templates. 

Syntax 

secedit 

[/analyze  /db  <database  file  name>  /cfg  configuration  file  name>  [/overwrite]  /log  <log  file  name>  [/quiet]] 
[/configure  /db  <database  file  name>  [/cfg  configuration  filename;*]  [/overwrite]  [/areas  [securitypolicy  | 
group_mgmt  |  user_rights  |  regkeys  |  filestore  |  services]]  [/log  <log  file  name>]  [/quiet]] 

[/export  /db  <database  file  name>  [/mergedpolicy]  /cfg  <configuration  file  name>  [/areas  [securitypolicy  | 
group_mgmt  |  user_rights  |  regkeys  |  filestore  |  services]]  [/log  <log  file  name>]] 

[/generaterollback  /db  <database  file  name>  /cfg  <configuration  file  name>  /rbk  <rollbacl<  file  name>  [/log 
<log  file  name>]  [/quiet]] 

[/import  /db  <database  file  name>  /cfg  <configuration  file  name>  [/overwrite]  [/areas  [securitypolicy  | 
group_mgmt  |  user_rights  |  regkeys  |  filestore  |  services]]  [/log  <log  file  name>]  [/quiet]] 

[/validate  <configuration  file  name>] 


Parameters 

PARAMETER 


DESCRIPTION 


Seceditanalyze 

Allows  you  to  analyze  current  systems  settings  against 
baseline  settings  that  are  stored  in  a  database.  The  analysis 
results  are  stored  in  a  separate  area  of  the  database  and  can 
be  viewed  in  the  Security  Configuration  and  Analysis  snap-in. 

Seceditconfigure 

Allows  you  to  configure  a  system  with  security  settings  stored 
in  a  database. 

Seceditexport 

Allows  you  to  export  security  settings  stored  in  a  database. 

Seceditgeneraterollback 

Allows  you  to  generate  a  rollback  template  with  respect  to  a 
configuration  template. 

Seceditimport 

Allows  you  to  import  a  security  template  into  a  database  so 
that  the  settings  specified  in  the  template  can  be  applied  to  a 
system  or  analyzed  against  a  system. 

Seceditvalidate 

Allows  you  to  validate  the  syntax  of  a  security  template. 

Remarks 

For  all  filenames,  the  current  directory  is  used  if  no  path  is  specified. 

When  a  security  template  is  created  using  the  Security  Template  snap-in  and  the  Security  Configuration  and 
Analysis  snap-in  is  run,  the  following  files  are  created: 

FILE 


DESCRIPTION 


FILE 


DESCRIPTION 


Scesrv.bg 

Location:  %windir%\security\logs 

Created  by:  operating  system 

File  type:  text 

Refresh  rate:  Overwritten  when  secedit  /analyze,  /configure, 
/export  or  /import  are  run. 

Content:  Contains  the  results  of  the  analysis  grouped  by 
policy  type. 

User-selected  name. sdb 

Location:  %windir%*user 
account\Documents\Security\Database 

Created  by:  running  the  Security  Configuration  and  Analysis 
snap-in 

File  type:  proprietary 

Refresh  rate:  Updated  whenever  a  new  security  template  is 
created. 

Content *:  Local  security  policies  and  user-created  security 
templates. 

User-selected  name,  log 

Location:  User-defined  but  defaults  to  %windir%*user 
account\Documents\Security\Logs 

Created  by:  Running  the  /analyze  and  /configure 
subcommands  (or  using  the  Security  Configuration  and 
Analysis  snap-in) 

File  type:  text 

Refresh  rate:  Running  the  /analyze  and  /configure 
subcommands  (or  using  the  Security  Configuration  and 
Analysis  snap-in);  overwritten. 

Content*: 

1 .  Log  file  name 

2.  Date  and  time 

3.  Results  of  analysis  or  investigation. 

User-selected  name. inf 

Location:  %windir%*user 

accou  nt \Documents  \Security\ Templates 

Created  by:  running  the  Security  Template  snap-in 

File  type:  text 

Refresh  rate:  each  time  the  security  template  is  updated 
Content*:  Contains  the  set  up  information  for  the  template 
for  each  policy  selected  using  the  snap-in. 

NOTE 

The  Microsoft  Management  Console  (MMC)  and  the  Security  Configuration  and  Analysis  snap-in  are  not  available  on  Server 
Core. 


Additional  references 

For  examples  of  how  this  command  can  be  used,  see  the  examples  section  in  any  of  the  subcommand  files 


•  Command-Line  Syntax  Key 


seceditanalyze 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 

Allows  you  to  analyze  current  systems  settings  against  baseline  settings  that  are  stored  in  a  database.  For  examples 
of  how  this  command  can  be  used,  see  Examples. 

Syntax 

Secedit  /analyze 
[/quiet}] 

/db  <database  file  name>  [/cfg  <configuration  file  name>]  [/overwrite]  [/log  <log  file  name>] 

Parameters 

PARAMETER 

DESCRIPTION 

db 

Required. 

Specifies  the  path  and  file  name  of  a  database  that  contains 
the  stored  configuration  against  which  the  analysis  will  be 
performed. 

If  file  name  specifies  a  database  that  has  not  had  a  security 
template  (as  represented  by  the  configuration  file)  associated 
with  it,  the  /cfg  \<conf iguration  file  name>  command¬ 
line  option  must  also  be  specified. 

cfg 

Optional. 

Specifies  the  path  and  file  name  for  the  security  template  that 
will  be  imported  into  the  database  for  analysis. 

This  /cfg  option  is  only  valid  when  used  with  the 
/db  \<database  file  name>  parameter.  If  this  is  not 
specified,  the  analysis  is  performed  against  any  configuration 
already  stored  in  the  database. 

overwrite 

Optional. 

Specifies  whether  the  security  template  in  the  /cfg  parameter 
should  overwrite  any  template  or  composite  template  that  is 
stored  in  the  database  instead  of  appending  the  results  to  the 
stored  template. 

This  command-line  option  is  only  valid  when  the 
/cfg  \<configuration  file  name>  parameter  is  also  used. 

If  this  is  not  specified,  the  template  in  the  /cfg  parameter  is 
appended  to  the  stored  template. 

log 

Optional. 

Specifies  the  path  and  file  name  of  the  log  file  to  be  used  in 
the  process. 

quiet 

Optional. 

Suppresses  screen  output.  You  can  still  view  analysis  results  by 
using  the  Security  Configuration  and  Analysis  snap-in  to  the 
Microsoft  Management  Console  (MMC). 


Remarks 


The  analysis  results  are  stored  in  a  separate  area  of  the  database  and  can  be  viewed  in  the  Security  Configuration 
and  Analysis  snap-in  to  the  MMC. 

If  the  path  for  the  log  file  is  not  provided,  the  default  log  file,  (sysfemroof\Documents  and 
Settings*UserAccount\My  Documents\Security\Logs*DatabaseName.\og)  is  used. 

In  Windows  Server  2008,  secedit  /refreshpolicy  has  been  replaced  with  gpupdate  .  For  information  on  how  to 
refresh  security  settings,  see  Gpupdate. 

Examples 

Perform  the  analysis  for  the  security  parameters  on  the  security  database,  SecDbContoso.sdb,  you  created  using 
the  Security  Configuration  and  Analysis  snap-in.  Direct  the  output  to  the  file  SecAnalysisContosoFY1 1  with 
prompting  so  you  can  verify  the  command  ran  correctly. 

Secedit  /analyze  /db  C:\Security\FYll\SecDbContoso.sdb  /log  C:\Security\FYll\SecAnalysisContosoFYll.log 

Let's  say  that  the  analysis  revealed  some  inadequacies  so  the  security  template,  SecContoso.inf,  was  modified.  Run 
the  command  again  to  incorporate  the  changes,  directing  the  output  to  the  existing  file  SecAnalysisContosoFY1 1 
with  no  prompting. 

Secedit  /analyze  /db  C:\Security\FYll\SecDbContoso.sdb  /cfg  SecContoso.inf  /overwrite  /log 
C : \Security\FYll\SecAnalysisContosoFYll . xml  /quiet 

Additional  references 

•  Secedit 

•  Command-Line  Syntax  Key 


seceditconfigure 

4/13/2018  •  2  min  to  read  •  EditOnline 

Allows  you  to  configure  the  current  system  settings  using  security  settings  stored  in  a  database.  For  examples  of 
how  this  command  can  be  used,  see  Examples. 

Syntax 

Secedit  /configure  /db  <database  file  name> 
SECURITYPOLICY  |  GROUP_MGMT  |  USER_RIGHTS  | 

[/cfg  configuration  file  name>]  [/overwrite]  [/areas 

REGKEYS  1  FILESTORE  |  SERVICES]  [/log  <log  file  name>]  [/quiet] 

Parameters 

PARAMETER 

DESCRIPTION 

db 

Required. 

Specifies  the  path  and  file  name  of  a  database  that  contains 
the  stored  configuration. 

If  file  name  specifies  a  database  that  has  not  had  a  security 
template  (as  represented  by  the  configuration  file)  associated 
with  it,  the  /cfg  \<conf iguration  file  name>  command¬ 
line  option  must  also  be  specified. 

cfg 

Optional. 

Specifies  the  path  and  file  name  for  the  security  template  that 
will  be  imported  into  the  database  for  analysis. 

This  /cfg  option  is  only  valid  when  used  with  the 
/db  \<database  file  name>  parameter.  If  this  is  not 
specified,  the  analysis  is  performed  against  any  configuration 
already  stored  in  the  database. 

overwrite 

Optional. 

Specifies  whether  the  security  template  in  the  /cfg  parameter 
should  overwrite  any  template  or  composite  template  that  is 
stored  in  the  database  instead  of  appending  the  results  to  the 
stored  template. 

This  command-line  option  is  only  valid  when  the 
/ cfg  \<conf iguration  file  name>  parameter  is  also  used. 

If  this  is  not  specified,  the  template  in  the  /cfg  parameter  is 
appended  to  the  stored  template. 

PARAMETER 


DESCRIPTION 


areas  Optional. 

Specifies  the  security  areas  to  be  applied  to  the  system.  If  this 
parameter  is  not  specified,  all  security  settings  defined  in  the 
database  are  applied  to  the  system.  To  configure  multiple 
areas,  separate  each  area  by  a  space.  The  following  security 
areas  are  supported: 

-  Security  Pol  icy 

Local  policy  and  domain  policy  for  the  system,  including 
account  policies,  audit  policies,  security  options,  and  so  on. 

-  Group_Mgmt 

Restricted  group  settings  for  any  groups  specified  in  the 
security  template. 

-  User_Rights 

User  logon  rights  and  granting  of  privileges. 

-  Reg  Keys 

Security  on  local  registry  keys. 

-  Filestore 

Security  on  local  file  storage. 

-  Services 

Security  for  all  defined  services. 


log  Optional. 

Specifies  the  path  and  file  name  of  the  log  file  for  the  process. 


quiet  Optional. 

Suppresses  screen  and  log  output.  You  can  still  view  analysis 
results  by  using  the  Security  Configuration  and  Analysis  snap- 
in  to  the  Microsoft  Management  Console  (MMC). 

Remarks 

If  the  path  for  the  log  file  is  not  provided,  the  default  log  file,  ( systemroot\\Jsers  *UserAccount \My 
Documents\Security\Logs*DatabaseName.\og)  is  used. 

Beginning  with  Windows  Server  2008,  secedit  /refreshpolicy  has  been  replaced  with  gpupdate  .  For  information 
on  how  to  refresh  security  settings,  see  Gpupdate. 

Examples 

Perform  the  analysis  for  the  security  parameters  on  the  security  database,  SecDbContoso.sdb,  you  created  using 
the  Security  Configuration  and  Analysis  snap-in.  Direct  the  output  to  the  file  SecAnalysisContosoFY1 1  with 
prompting  so  you  can  verify  the  command  ran  correctly. 

Secedit  /analyze  /db  C:\Security\FYll\SecDbContoso.sdb  /log  C:\Security\FYll\SecAnalysisContosoFYll.log 


Let's  say  that  the  analysis  revealed  some  inadequacies  so  the  security  template,  SecContoso.inf,  was  modified.  Run 
the  command  again  to  incorporate  the  changes,  directing  the  output  to  the  existing  file  SecAnalysisContosoFY1 1 
with  no  prompting. 

Secedit  /configure  /db  C:\Security\FYll\SecDbContoso.sdb  /cfg  SecContoso.inf  /overwrite  /log 
C:\Security\FYll\SecAnalysisContosoFYll.xml  /quiet 

Additional  references 

•  Secedit 


Seceditanalyze 
Command-Line  Syntax  Key 


seceditexport 
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Exports  security  settings  stored  in  a  database  configured  with  security  templates.  For  examples  of  how  this 
command  can  be  used,  see  Examples. 

Syntax 

Secedit  /export  / db  <database  file  name>  [/mergedpolicy]  /cfg  <configuration  file  name>  [/areas  [securitypolicy 
|  group_mgmt  |  user_rights  |  regkeys  |  filestore  |  services]]  [/log  <log  file  name>]  [/quiet] 


Parameters 

PARAMETER 

DESCRIPTION 

db 

Required. 

Specifies  the  path  and  file  name  of  a  database  that  contains 
the  stored  configuration  against  which  the  analysis  will  be 
performed. 

If  file  name  specifies  a  database  that  has  not  had  a  security 
template  (as  represented  by  the  configuration  file)  associated 
with  it,  the  /cfg  \<conf iguration  file  name>  command¬ 
line  option  must  also  be  specified. 

mergedpolicy 

Optional. 

Merges  and  exports  domain  and  local  policy  security  settings. 

cfg 

Required. 

Specifies  the  path  and  file  name  for  the  security  template  that 
will  be  imported  into  the  database  for  analysis. 

This  /cfg  option  is  only  valid  when  used  with  the 
/db  \<database  file  name>  parameter.  If  this  is  not 
specified,  the  analysis  is  performed  against  any  configuration 
already  stored  in  the  database. 

PARAMETER 


DESCRIPTION 


areas  Optional. 

Specifies  the  security  areas  to  be  applied  to  the  system.  If  this 
parameter  is  not  specified,  all  security  settings  defined  in  the 
database  are  applied  to  the  system.  To  configure  multiple 
areas,  separate  each  area  by  a  space.  The  following  security 
areas  are  supported: 

-  Security  Pol  icy 

Local  policy  and  domain  policy  for  the  system,  including 
account  policies,  audit  policies,  security  options,  and  so  on. 

-  Group_Mgmt 

Restricted  group  settings  for  any  groups  specified  in  the 
security  template. 

-  User_Rights 

User  logon  rights  and  granting  of  privileges. 

-  Reg  Keys 

Security  on  local  registry  keys. 

-  Filestore 

Security  on  local  file  storage. 

-  Services 

Security  for  all  defined  services. 


log  Optional. 

Specifies  the  path  and  file  name  of  the  log  file  for  the  process. 


quiet  Optional. 

Suppresses  screen  and  log  output.  You  can  still  view  analysis 
results  by  using  the  Security  Configuration  and  Analysis  snap- 
in  to  the  Microsoft  Management  Console  (MMC). 

Remarks 

You  can  use  this  command  to  backup  your  security  policies  on  a  local  computer  in  addition  to  importing  the 
settings  to  another  computer. 

If  the  path  for  the  log  file  is  not  provided,  the  default  log  file,  (sysfemroof\Documents  and 
Settings*UserAccount\My  Documents\Security\Logs*DatabaseName.\og)  is  used. 

In  Windows  Server  2008,  secedit  /refreshpoiicy  has  been  replaced  with  gpupdate  .  For  information  on  how  to 
refresh  security  settings,  see  Gpupdate. 

Examples 

Export  the  security  database  and  the  domain  security  policies  to  an  inf  file  and  then  import  that  file  to  a  different 
database  in  order  to  replicate  the  security  policy  settings  on  another  computer. 

Secedit  /export  /db  C:\Security\FYll\SecDbContoso.sdb  /mergedpolicy  /cfg  SecContoso.inf  /log 
C :  \Security\FYll\SecAnalysisContosoFYll.log  /quiet 


Import  that  file  to  a  different  database  on  another  computer. 


Secedit  /import  /db  C:\Security\FY12\SecDbContoso.sdb  /cfg  SecContoso.inf  /log 
C :  \Security\FYll\SecAnalysisContosoFY12 . log  /quiet 


Additional  references 

•  Seceditimport 


Secedit 

Command-Line  Syntax  Key 


seceditgeneraterol  I  back 
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Allows  you  to  generate  a  rollback  template  for  a  specified  configuration  template.  For  examples  of  how  this 
command  can  be  used,  see  Examples. 

Syntax 

Secedit  /generaterollback  /db  <database  file 
name>  [log  clog  file  name>]  [/quiet] 

name>  /cfg  configuration  file  name>  /rbk  crollback  template  file 

Parameters 

PARAMETER 

DESCRIPTION 

db 

Required. 

Specifies  the  path  and  file  name  of  a  database  that  contains 
the  stored  configuration  against  which  the  analysis  will  be 
performed. 

If  file  name  specifies  a  database  that  has  not  had  a  security 
template  (as  represented  by  the  configuration  file)  associated 
with  it,  the  /cfg  \cconf iguration  file  name>  command¬ 
line  option  must  also  be  specified. 

cfg 

Required. 

Specifies  the  path  and  file  name  for  the  security  template  that 
will  be  imported  into  the  database  for  analysis. 

This  /cfg  option  is  only  valid  when  used  with  the 
/db  \cdatabase  file  name>  parameter.  If  this  is  not 
specified,  the  analysis  is  performed  against  any  configuration 
already  stored  in  the  database. 

rbk 

Required. 

Specifies  a  security  template  into  which  the  rollback 
information  is  written.  Security  templates  are  created  using 
the  Security  Templates  snap-in.  Rollback  files  can  be  created 
with  this  command. 

log 

Optional. 

Specifies  the  path  and  file  name  of  the  log  file  for  the  process. 

quiet  Optional. 

Suppresses  screen  and  log  output.  You  can  still  view  analysis 
results  by  using  the  Security  Configuration  and  Analysis  snap- 
in  to  the  Microsoft  Management  Console  (MMC). 


Remarks 

If  the  path  for  the  log  file  is  not  provided,  the  default  log  file,  (system  root\\Jsers  *UserAccount\My 
Documents\Security\Logs*DatabaseName\og)  is  used. 

Beginning  with  Windows  Server  2008,  secedit  /refreshpolicy  has  been  replaced  with  gpupdate  .  For  information 
on  how  to  refresh  security  settings,  see  Gpupdate. 


The  successful  running  of  this  command  will  state  "The  task  has  completed  successfully.^?  and  logs  only  the 
mismatches  between  the  stated  security  template  and  security  policy  configuration.  It  lists  these  mismatches  in  the 
scesrv.log. 

If  an  existing  rollback  template  is  specified,  this  command  will  overwrite  it.  You  can  create  a  new  rollback  template 
with  this  command.  No  additional  parameters  are  needed  for  either  condition. 

Examples 

After  creating  the  security  template  using  the  Security  Configuration  and  Analysis  snap-in,  SecTmpIContoso.inf, 
create  the  rollback  configuration  file  to  save  the  original  settings.  Write  out  the  action  to  the  FY1 1  log  file. 

Secedit  /generaterollback  /db  C:\Security\FYll\SecDbContoso.sdb  /cfg  sectmplcontoso. inf  /rbk 
sectmplcontosoRBK. inf  /log  C: \Security\FYll\SecAnalysisContosoFYll.log 

Additional  references 

•  Secedit 

•  Command-Line  Syntax  Key 


seceditimport 
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imports  security  settings  stored  in  an  inf  file  previously  exported  from  the  database  configured  with  security 
templates.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

Secedit  /import  /db  <database  file  name>  /cfg  <configuration  file  name>  [/overwrite]  [/areas  [securitypolicy 
group_mgmt  |  user_rights  |  regkeys  |  filestore  |  services]]  [/log  <log  file  name>]  [/quiet] 

Parameters 


PARAMETER 

DESCRIPTION 

db 

Required. 

Specifies  the  path  and  file  name  of  a  database  that  contains 
the  stored  configuration  into  which  the  import  will  be 
performed. 

If  file  name  specifies  a  database  that  has  not  had  a  security 
template  (as  represented  by  the  configuration  file)  associated 
with  it,  the  /cfg  \<conf iguration  file  name>  command¬ 
line  option  must  also  be  specified. 

overwrite 

Optional. 

Specifies  whether  the  security  template  in  the  /cfg  parameter 
should  overwrite  any  template  or  composite  template  that  is 
stored  in  the  database  instead  of  appending  the  results  to  the 
stored  template. 

This  command-line  option  is  only  valid  when  the 
/cfg  ^configuration  file  name>  parameter  is  also  used. 

If  this  is  not  specified,  the  template  in  the  /cfg  parameter  is 
appended  to  the  stored  template. 

cfg 

Required. 

Specifies  the  path  and  file  name  for  the  security  template  that 
will  be  imported  into  the  database  for  analysis. 

This  /cfg  option  is  only  valid  when  used  with  the 
/db  \<database  file  name>  parameter.  If  this  is  not 
specified,  the  analysis  is  performed  against  any  configuration 
already  stored  in  the  database. 

overwrite 

Optional. 

Specifies  whether  the  security  template  in  the  /cfg  parameter 
should  overwrite  any  template  or  composite  template  that  is 
stored  in  the  database  instead  of  appending  the  results  to  the 
stored  template. 

This  command-line  option  is  only  valid  when  the 
/cfg  ^configuration  file  name>  parameter  is  also  used. 

If  this  is  not  specified,  the  template  in  the  /cfg  parameter  is 
appended  to  the  stored  template. 

PARAMETER 


DESCRIPTION 


areas  Optional. 

Specifies  the  security  areas  to  be  applied  to  the  system.  If  this 
parameter  is  not  specified,  all  security  settings  defined  in  the 
database  are  applied  to  the  system.  To  configure  multiple 
areas,  separate  each  area  by  a  space.  The  following  security 
areas  are  supported: 

-  SecurityPolicy 

Local  policy  and  domain  policy  for  the  system,  including 
account  policies,  audit  policies,  security  options,  and  so  on. 

-  Group_Mgmt 

Restricted  group  settings  for  any  groups  specified  in  the 
security  template. 

-  User_Rights 

User  logon  rights  and  granting  of  privileges. 

-  Reg  Keys 

Security  on  local  registry  keys. 

-  Filestore 

Security  on  local  file  storage. 

-  Services 

Security  for  all  defined  services. 


log  Optional. 

Specifies  the  path  and  file  name  of  the  log  file  for  the  process. 


quiet  Optional. 

Suppresses  screen  and  log  output.  You  can  still  view  analysis 
results  by  using  the  Security  Configuration  and  Analysis  snap- 
in  to  the  Microsoft  Management  Console  (MMC). 

Remarks 

Before  importing  an  .inf  file  onto  another  computer,  run  the  command  secedit/generaterollback  on  the  database 
on  which  the  import  will  be  performed  and  secedit  /validate  on  the  import  file  to  verify  its  integrity. 

If  the  path  for  the  log  file  is  not  provided,  the  default  log  file,  (sysfemrooADocuments  and 
Settings*UserAccount\My  Documents\Security\Logs*DatabaseName.\og )  is  used. 

In  Windows  Server  2008,  secedit  /refreshpolicy  has  been  replaced  with  gpupdate  .  For  information  on  how  to 
refresh  security  settings,  see  Gpupdate. 

Examples 

Export  the  security  database  and  the  domain  security  policies  to  an  inf  file  and  then  import  that  file  to  a  different 
database  in  order  to  replicate  the  security  policy  settings  on  another  computer. 

Secedit  /export  /db  C:\Security\FYll\SecDbContoso.sdb  /mergedpolicy  /cfg  NetworkShare\Policies\SecContoso. inf 
/log  C:\Security\FYll\SecAnalysisContosoFYll.log  /quiet 


Import  just  the  security  policies  portion  of  the  file  to  a  different  database  on  another  computer. 


Secedit  /import  /db  C:\Security\FY12\SecDbContoso.sdb  /cfg  NetworkShare\Policies\SecContoso. inf  /areas 
securitypolicy  /log  C:\Security\FYll\SecAnalysisContosoFY12.log  /quiet 


Additional  references 

•  Seceditexport 


Seceditgeneraterollback 

Seceditvalidate 

Secedit 

Command-Line  Syntax  Key 


seced  it:  va  I  i  d  ate 

4/13/2018  •  1  min  to  read  •  Edit  Online 


Validates  the  security  settings  stored  in  a  security  template  (.inf  file).  For  examples  of  how  this  command  can  be 
used,  see  Examples. 

Syntax 

Secedit  /validate  -(configuration  file  name> 


Parameters 

PARAMETER  DESCRIPTION 

Configuration  file  name  Required. 

Specifies  the  path  and  file  name  for  the  security  template  that 
will  be  validated. 


Remarks 

Validating  security  templates  can  help  you  if  one  is  corrupted  or  inappropriately  set. 

An  invalid  security  template  will  not  be  applied. 

The  log  file  will  not  be  updated. 

In  Windows  Server  2008,  secedit  /refreshpolicy  has  been  replaced  with  gpupdate  .  For  information  on  how  to 
refresh  security  settings,  see  Gpupdate. 

Examples 

After  a  rollback  is  performed  on  a  security  template,  you  want  to  verify  that  the  rollback  inf  file,  secRBKcontoso.inf, 
is  valid. 

Secedit  /validate  secRBKcontoso.inf 

Additional  references 

•  Seceditgeneraterollback 

•  Secedit 

•  Command-Line  Syntax  Key 


serverceipoptin 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Allows  you  to  participate  in  the  Customer  Experience  Improvement  Program  (CEIP). 


Syntax 

serverceipoptin  [/query]  [/enable]  [/disable] 

Parameters 

PARAMETER 

DESCRIPTION 

/query 

verifies  the  current  setting. 

/enable 

Enables  participation. 

/disable 

Disables  participation. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  verify  the  current  settings,  type: 
serverceipoptin  /query 

To  enable  participation,  type: 

serverceipoptin  /enable 

To  disable  participation,  type: 

serverceipoptin  /disable 


additional  references 


•  Command-Line  Syntax  Key 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


IMPORTANT 

This  command  is  available  only  on  servers  that  are  running  Windows  Server  2008  or  Windows  Server  2008  R2  . 
Servermanagercmd.exe  has  been  deprecated,  and  is  not  available  in  Windows  Server  2012  .  For  information  about  how  to 
install  or  remove  roles,  role  services,  and  features  in  Windows  Server  2012  ,  see  Install  or  uninstall  roles,  role  services,  and 
features  on  Microsoft  TechNet.  Installs  and  removes  roles,  role  services,  and  features.  Also  displays  the  list  of  all  roles,  role 
services,  and  features  available,  and  shows  which  are  installed  on  this  computer.  For  additional  information  about  the  roles, 
role  services,  and  features  that  you  can  specify  by  using  this  tool,  see  the  Server  Manager  help. 
(https://go.microsoft.com/fwlink/7Linkl D=1 37387).  for  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


servermanagercmd  -query  [ [ [<Drive> : ] <path>] <query .xml>]  [-logpath  [ [<Drive> : ]<path>]<log. txt>] 
servermanagercmd  -inputpath  [ [<Drive> : ] <path>] <answer .xml>  [-resultpath  <result.xml>  [-restart]  |  -whatif] 
[-logpath  [ [<Drive>: ]<path>]<log.txt>] 

servermanagercmd  -install  <Id>  [ -allSubFeatures]  [-resultpath  [[<Drive>: ] <path>] cresult . xml>  [-restart]  | 
-whatif]  [-logpath  [ [<Drive> : ]<path>]<log.txt>] 

servermanagercmd  -remove  <Id>  [-resultpath  cresult. xml>  [-restart]  |  -whatif]  [-logpath  [[<Drive>:] 

<path>]<log.txt>] 

servermanagercmd  [-help  |  -?] 

servermanagercmd  -version 


Parameters 


PARAMETER 


DESCRIPTION 


query  [[[:]] <query.xml>] 


Displays  a  list  of  all  roles,  role  services,  and  features  installed 


and  available  for  installation  on  the  server.  You  can  also  use  the 


short  form  of  this  parameter,  -q.  If  you  want  the  query  results 
saved  to  an  XML  file,  specify  an  XML  file  to  replace  query.xml. 


-inputpath  <[[:]]ar?si/i/er.xm/> 


Installs  or  removes  the  roles,  role  services,  and  features 
specified  in  an  XML  answer  file  represented  by  answer.xml.  You 
can  also  use  the  short  form  of  this  parameter,  -p. 


PARAMETER 

DESCRIPTION 

-install  <ld> 

Installs  the  role,  role  service,  or  feature  specified  by  Id.  The 
identifiers  are  case-insensitive.  Multiple  roles,  role  services,  and 
features  must  be  separated  by  spaces.  The  following  optional 
parameters  are  used  with  the  -install  parameter. 

-  -setting  <SettingName>  =  <SettingValue>  Specifies  required 
settings  for  the  installation. 

-  -allSubFeatures  Specifies  the  installation  of  all  subordinate 
services  and  features  along  with  the  parent  role,  role  service, 
or  feature  named  in  the  Id  value.  Note:  Some  role  containers 

do  not  have  a  command  line  identifier  to  allow  installation  of  all 

role  services.  This  is  the  case  when  role  services  cannot  be 
installed  in  the  same  instance  of  the  Server  Manager  command. 

For  example,  the  Federation  Service  role  service  of  active 
directory  Federation  Services  and  the  Federation  Service  Proxy 
role  service  cannot  be  installed  by  using  the  same  Server 

Manager  command  instance. 

-  -resultpath  <result.xml>  Saves  installation  results  to  an  XML  file 
represented  by  *result.xml.  You  can  also  use  the  short  form  of 
this  parameter,  -r.  Note:  You  cannot  run  servermanagercmd 
with  both  the  -resultpath  parameter  and  the  -whatif 
parameter  specified. 

-  -restart  Restarts  the  computer  automatically  when  installation 
is  complete  (if  restarting  is  required  by  the  roles  or  features 
installed). 

-  -whatif  Displays  any  operations  specified  for  the  -install 
parameter.  You  can  also  use  the  short  form  of  the  -whatif 
parameter,  -w.  You  cannot  run  servermanagercmd  with  both 
the  -resultpath  parameter  and  the  -whatif  parameter 
specified. 

-  -logpath  <[[:]]/og.fxf>  Specifies  a  name  and  location  for  the 
log  file,  other  than  the  default, 

%windir%\temp\servermanager.log. 

-remove  <ld> 

removes  the  role,  role  service,  or  feature  specified  by  Id.  The 
identifiers  are  case-insensitive.  Multiple  roles,  role  services,  and 
features  must  be  separated  by  spaces.  The  following  optional 
parameters  are  used  with  the  -remove  parameter. 

-  -resultpath  < l[.]]result.xml>  Saves  removal  results  to  an  XML 
file  represented  by  result.xml.  You  can  also  use  the  short  form 
of  this  parameter,  -r.  Note:  You  cannot  run  servermanagercmd 
with  both  the  -resultpath  parameter  and  the  -whatif 
parameter  specified. 

-  -restart  Restarts  the  computer  automatically  when  removal  is 
complete  (if  restarting  is  required  by  remaining  roles  or 
features). 

-  -whatif  Displays  any  operations  specified  for  the  -remove 
parameter.  You  can  also  use  the  short  form  of  the  -whatif 
parameter,  -w.  You  cannot  run  servermanagercmd  with  both 
the  -resultpath  parameter  and  the  -whatif  parameter 
specified. 

-  -Iogpath<[[:]]/og.fxf>  Specifies  a  name  and  location  for  the 
log  file,  other  than  the  default, 

%windir%\temp\servermanager.log. 

-help 

Displays  help  in  the  Command  prompt  window.  You  can  also 
use  the  short  form,  -?. 

-version 

Displays  the  Server  Manager  version  number.  You  can  also  use 
the  short  form,  -v. 

remarks 

Servermanagercmd  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows.  We  recommend 
that  if  you  are  running  Server  Manager  on  computers  that  are  running  Windows  Server  2008  R2  ,  you  use  the  Windows 


PowerShell  cmdlets  that  are  available  for  Server  Manager.  For  more  information,  see  Server  Manager  cmdlets. 
Servermanagercmd  can  be  run  from  any  directory  on  the  server's  local  drives.  You  must  be  a  member  of  the  Administrators 
group  on  the  server  on  which  you  want  to  install  or  remove  software. 


IMPORTANT 

Because  of  security  restrictions  imposed  by  User  Account  Control  in  Windows  Server  2008  R2  ,  you  must  run 
Servermanagercmd  in  a  Command  prompt  window  opened  with  elevated  permissions.  To  do  this,  right-click  the  Command 
prompt  executable,  or  the  Command  prompt  object  on  the  start  menu,  and  then  click  Run  as  administrator. 

Examples 

The  following  example  shows  how  to  use  servermanagercmd  to  display  a  list  of  all  roles,  role  services,  and  features 
available,  and  which  roles,  role  services,  and  features  are  installed  on  the  computer. 

servermanagercmd  -query 

The  following  example  shows  how  to  use  servermanagercmd  to  install  the  Web  Server  (IIS)  role,  and  save  the  installation 
results  to  an  XML  file  represented  by  installResult.xml. 

servermanagercmd  -install  Web-Server  -resultpath  installResult.xml 

The  following  example  shows  how  to  use  the  **  whatif**  parameter  with  servermanagercmd  to  display  detailed  information 
about  the  roles,  role  services,  and  features  that  would  be  installed  or  removed,  based  upon  instructions  that  are  specified  in 
an  XML  answer  file  represented  by  instalLxml. 

servermanagercmd  -inputpath  install. xml  -whatif 

additional  references 

•  for  a  complete  list  of  the  role,  role  service,  or  feature  identifiers  you  can  specify  for  the  Id  parameter,  or  more  information 
about  using  an  XML  answer  file  with  Servermanagercmd,  see  the  Server  Manager  help. 
(https://go.microsoft.com/fwlink/?LinklD=  137387). 

•  See  Server  Manager  cmdlets  for  a  listing  of  Windows  PowerShell  cmdlets  that  are  available  for  Server  Manager. 

•  Command-Line  Syntax  Key 


setlocal 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Starts  localization  of  environment  variables  in  a  batch  file.  Localization  continues  until  a  matching  endlocal 
command  is  encountered  or  the  end  of  the  batch  file  is  reached. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

setlocal  [enableextensions  |  disableextensions]  [enabledelayedexpansion  |  disabledelayedexpansion] 


Arguments 

ARGUMENT  DESCRIPTION 


enableextensions 

Enables  the  command  extensions  until  the  matching  endlocal 
command  is  encountered,  regardless  of  the  setting  before  the 
setlocal  command  was  run. 

disableextensions 

Disables  the  command  extensions  until  the  matching 
endlocal  command  is  encountered,  regardless  of  the  setting 
before  the  setlocal  command  was  run. 

enabledelayedexpansion 

Enables  the  delayed  environment  variable  expansion  until  the 
matching  endlocal  command  is  encountered,  regardless  of 
the  setting  before  the  setlocal  command  was  run. 

disabledelayedexpansion 

Disables  the  delayed  environment  variable  expansion  until  the 
matching  endlocal  command  is  encountered,  regardless  of 
the  setting  before  the  setlocal  command  was  run. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  Using  setlocal 

When  you  use  setlocal  outside  of  a  script  or  batch  file,  it  has  no  effect. 

•  Changing  environmental  variables 

Use  setlocal  to  change  environment  variables  when  you  run  a  batch  file.  Environment  changes  made  after 
you  run  setlocal  are  local  to  the  batch  file.  The  Cmd.exe  program  restores  previous  settings  when  it 
encounters  an  endlocal  command  or  reaches  the  end  of  the  batch  file. 

•  Nesting  commands 

You  can  have  more  than  one  setlocal  or  endlocal  command  in  a  batch  program  (that  is,  nested 
commands). 


•  Testing  for  command  extensions  in  batch  files 


The  setlocal  command  sets  the  ERRORLEVEL  variable.  If  you  pass  {enableextensions  | 
disableextensions}  or  {enabledelayedexpansion  |  disabledelayedexpansion},  the  ERRORLEVEL 
variable  is  set  to  0  (zero).  Otherwise,  it  is  set  to  1.  You  can  use  this  information  in  batch  scripts  to  determine 
whether  the  extensions  are  available,  as  shown  in  the  following  example: 

setlocal  enableextensions 
verify  other  2>nul 

if  errorlevel  1  echo  Unable  to  enable  extensions 


Because  cmd  does  not  set  the  ERRORLEVEL  variable  when  command  extensions  are  disabled,  the  verify 
command  initializes  the  ERRORLEVEL  variable  to  a  nonzero  value  when  you  use  it  with  an  invalid 
argument.  Also,  if  you  use  the  setlocal  command  with  arguments  {enableextensions  | 
disableextensions}  or  {enabledelayedexpansion  |  disabledelayedexpansion}  and  it  does  not  set  the 
ERRORLEVEL  variable  to  1,  command  extensions  are  not  available. 

Examples 

You  can  localize  environment  variables  in  a  batch  file,  as  shown  in  the  following  sample  script: 

rem  *  ****  *  *Beg  jp  Comment  *************  * 

rem  This  program  starts  the  superapp  batch  program  on  the  network, 
rem  directs  the  output  to  a  file,  and  displays  the  file 
rem  in  Notepad. 

rem  *******End  comment************** 

@echo  off 
setlocal 

path=g: \programs\superapp;%path% 
call  superapp>c:\superapp.out 
endlocal 

start  notepad  c:\superapp.out 

Additional  references 

Command-Line  Syntax  Key 


setx 

4/1 3/2018  •  4  min  to  read  •  Edit  Online 


Creates  or  modifies  environment  variables  in  the  user  or  system  environment,  without  requiring  programming  or  scripting.  The  Setx 
command  also  retrieves  the  values  of  registry  keys  and  writes  them  to  text  files. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

setx  [/s  <Computer>  [/u  [<Domain>\]<User  name>  [/p  [<Password>] ] ] ]  <Variable>  <Value>  [/m] 

setx  [/s  <Computer>  [/u  [<Domain>\]<User  name>  [/p  [<Password>] ] ] ]  [<Variable>]  /k  <Path>  [ /m] 

setx  [/s  <Computer>  [/u  [<Domain>\]<User  name>  [/p  [<Password>] ] ] ]  /f  <FileName>  { [<Variable>]  {/a  <X>j<Y>  |  /r  <X>,<Y>  "<String>"} 

[ /m]  |  /x}  [/d  <Delimiters>] 

Parameters 


PARAMETER 

DESCRIPTION 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer.  Do  not  use 
backslashes.  The  default  value  is  the  name  of  the  local  computer. 

/u  [<  Domain  >] 

Runs  the  script  with  the  credentials  of  the  specified  user  account.  The 
default  value  is  the  system  permissions. 

/p  [<  Password  >] 

Specifies  the  password  of  the  user  account  that  is  specified  in  the  /u 
parameter. 

<Variable> 

Specifies  the  name  of  the  environment  variable  that  you  want  to  set. 

<Value> 

Specifies  the  value  to  which  you  want  to  set  the  environment  variable. 

/k  <Path> 

Specifies  that  the  variable  is  set  based  on  information  from  a  registry  key. 

The  path  uses  the  following  syntax: 

\\<HIVE>\<KEY>\ . . . \<Value> 

For  example,  you  might  specify  the  following  path: 

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\S 

/f  <  File  name> 

Specifies  the  file  that  you  want  to  use. 

/a  <X>, 

Specifies  absolute  coordinates  and  offset  as  search  parameters. 

/r  <X>, "" 

Specifies  relative  coordinates  and  offset  from  String  as  search  parameters. 

/m 

Specifies  to  set  the  variable  in  the  system  environment.  The  default  setting 
is  the  local  environment. 

/x 

Displays  file  coordinates,  ignoring  the  /a,  /r,  and  /d  command-line  options. 

/d  <Delimiters> 

Specifies  delimiters  such  as  or  "V  to  be  used  in  addition  to  the  four 
built-in  delimiters  —  SPACE,  TAB,  ENTER,  and  LINEFEED.  Valid  delimiters 
include  any  ASCII  character.  The  maximum  number  of  delimiters  is  1 5, 
including  built-in  delimiters. 

P 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  Setx  command  is  similar  to  the  UNIX  utility  SETENV. 

•  Setx  provides  the  only  command-line  or  programmatic  way  to  directly  and  permanently  set  system  environment  values.  System 


environment  variables  are  manually  configurable  through  Control  Panel  or  through  a  registry  editor.  The  set  command,  which  is 
internal  to  the  command  interpreter  (Cmd.exe),  sets  user  environment  variables  for  the  current  console  window  only. 

•  You  can  use  the  setx  command  to  set  values  for  user  and  system  environment  variables  from  one  of  three  sources  (modes): 
Command  Line  Mode,  Registry  Mode,  or  File  Mode. 

•  Setx  writes  variables  to  the  master  environment  in  the  registry.  Variables  set  with  setx  variables  are  available  in  future  command 
windows  only,  not  in  the  current  command  window. 

•  HKEY_CURRENT_USER  and  HKEY_LOCAL_MACHIN  E  are  the  only  supported  hives.  REG_DWORD,  REG_EXPAND_SZ,  REG_SZ, 
and  REG_MULTI_SZ  are  the  valid  Reg  Key  data  types. 

•  When  you  gain  access  to  REG_MULTI_SZ  values  in  the  registry,  only  the  first  item  is  extracted  and  used. 

•  You  cannot  use  the  setx  command  to  remove  values  that  have  been  added  to  the  local  or  system  environments.  You  can  use  set  with 
a  variable  name  and  no  value  to  remove  a  corresponding  value  from  the  local  environment. 

•  REG_DWORD  registry  values  are  extracted  and  used  in  hexadecimal  mode. 

•  File  mode  supports  the  parsing  of  carriage  return  and  line  feed  (CRLF)  text  files  only. 

Examples 

To  set  the  MACHINE  environment  variable  in  the  local  environment  to  the  value  Brandi,  type: 

setx  MACHINE  Brandi 

To  set  the  MACHINE  environment  variable  in  the  system  environment  to  the  value  Brandi  Computer,  type: 
setx  MACHINE  "Brandi  Computer"  /m 

To  set  the  MYPATH  environment  variable  in  the  local  environment  to  use  the  search  path  defined  in  the  PATH  environment  variable,  type: 

setx  MYPATH  %PATH% 

To  set  the  MYPATH  environment  variable  in  the  local  environment  to  use  the  search  path  defined  in  the  PATH  environment  variable  after 
replacing  ~  with  %,  type: 

setx  MYPATH  ~PATH~ 

To  set  the  MACHINE  environment  variable  in  the  local  environment  to  Brandi  on  a  remote  computer  named  Computerl,  type: 
setx  /s  computerl  /u  maindom\hiropln  /p  p@ssW23  MACHINE  Brandi 

To  set  the  MYPATH  environment  variable  in  the  local  environment  to  use  the  search  path  defined  in  the  PATH  environment  variable  on  a 
remote  computer  named  Computerl,  type: 

setx  /s  computerl  /u  maindom\hiropln  /p  p@ssW23  MYPATH  %PATH% 

To  set  the  TZON  E  environment  variable  in  the  local  environment  to  the  value  found  in  the 

HKEY_LOCAL_MACHIN  E\System\CurrentControlSet\Control\TimeZonelnformation\StandardName  registry  key,  type: 
setx  TZONE  /k  HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\T imeZonelnf ormation\StandardName 

To  set  the  TZON  E  environment  variable  in  the  local  environment  of  a  remote  computer  named  Computerl  to  the  value  found  in  the 

HKEY_LOCAL_MACHIN  E\System\CurrentControlSet\Control\TimeZonelnformation\StandardName  registry  key,  type: 

setx  /s  computerl  /u  maindom\hiropln  /p  p@ssW23  TZONE  /k 

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TimeZoneInformation\StandardName 

To  set  the  BUILD  environment  variable  in  the  system  environment  to  the  value  found  in  the 

HKEY_LOCAL_MACHIN  E\Software\Microsoft\WindowsNT\CurrentVersion\CurrentBuildN umber  registry  key,  type: 
setx  BUILD  /k  "HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\CurrentBuildNumber"  /m 


To  set  the  BUILD  environment  variable  in  the  system  environment  of  a  remote  computer  named  Computerl  to  the  value  found  in  the 

HKEY_LOCAL_MACHIN  E\Software\Microsoft\WindowsNT\CurrentVersion\CurrentBuildN umber  registry  key  type: 

setx  /s  computerl  /u  maindom\hiropln  /p  p@ssW23  BUILD  /k  "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows 
NT\CurrentVersion\CurrentBuildNumber"  /m 

To  display  the  contents  of  a  file  named  Ipconfig.out,  along  with  the  contents'  corresponding  coordinates,  type: 
setx  /f  ipconfig.out  /x 

To  set  the  IPADDR  environment  variable  in  the  local  environment  to  the  value  found  at  the  coordinate  5,1 1  in  the  file  Ipconfig.out,  type: 
setx  IPADDR  /f  ipconfig.out  /a  5,11 

To  set  the  OCTET1  environment  variable  in  the  local  environment  to  the  value  found  at  the  coordinate  5,3  in  the  file  Ipconfig.out  with 
delimiters  type: 

setx  0CTET1  /f  ipconfig.out  /a  5,3  /d  "#$*." 

To  set  the  IPGATEWAY  environment  variable  in  the  local  environment  to  the  value  found  at  the  coordinate  0,7  with  respect  to  the 
coordinate  of  "Gateway"  in  the  file  Ipconfig.out,  type: 

setx  IPGATEWAY  /f  ipconfig.out  /r  0,7  Gateway 

To  display  the  contents  of  a  file  named  Ipconfig.out  —  along  with  the  contents'  corresponding  coordinates  —  on  a  computer  named 
Computerl,  type: 

setx  /s  computerl  /u  maindom\hiropln  /p  p@ssW23  /f  ipconfig.out  /x 

Additional  references 

Command-Line  Syntax  Key 


sfc 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Scans  and  verifies  the  integrity  of  all  protected  system  files  and  replaces  incorrect  versions  with  correct  versions, 
for  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


sfc  [/scannow]  [/verifyonly]  [/scanfile=<file>] 
/offbootdir=<offline  boot  directory>] 

[/verifyfile=<file>]  [/offwindir=<offline  windows  directory> 

Parameters 

PARAMETER 

DESCRIPTION 

/scannow 

Scans  the  integrity  of  all  protected  system  files  and  repairs  files 
with  problems  when  possible. 

/verifyonly 

Scans  integrity  of  all  protected  system  files.  No  repair 
operation  is  performed. 

/scanfile 

Scans  integrity  of  the  specified  file  and  repairs  the  file  if 
problems  are  detected,  when  possible. 

Specified  full  path  and  filename 

/verifyfile 

verifies  the  integrity  of  the  specified  file.  No  repair  operation  is 
performed. 

/offwindir 

Specifies  the  location  of  the  offline  windows  directory,  for 
offline  repair. 

/offbootdir 

Specifies  the  location  of  the  offline  boot  directory  for  offline 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  You  must  be  logged  on  as  a  member  of  the  Administrators  group  to  run  sfc.exe. 

•  if  sfc  discovers  that  a  protected  file  has  been  overwritten,  it  retrieves  the  correct  version  of  the  file  from  the 
systemroot\system32\dllcache  folder,  and  then  replaces  the  incorrect  file. 

•  There  are  functional  differences  between  sfc  on  Windows  Server  2003,  Windows  Server  2008  ,  and  Windows 
Server  2008  R2 : 

•  for  more  information  about  sfc  on  Windows  Server  2003,  see  article  310747  in  the  Microsoft  Knowledge  Base. 

•  for  more  information  about  sfc  on  Windows  Server  2008  ,  and  Windows  Server  2008  R2  ,  see  System  File 


Checker.  ##  Examples  To  verify  the  kernel32.dll  file,  type:  sfc  /verifyfiie=c: \windows\system32\kernei32.dll 
To  setup  offline  repair  of  the  kernel32.dll  file  with  an  offline  boot  directory  set  to  d:  and  offline  windows 
directory  set  to  d:\windows,  type: 

sfc  /scanfile=d:\windows\system32\kernel32.dll  /offbootdir=d :  \  /offwindir=d : \windows  ##  additional  references 
Command-Line  Syntax  Key 


shadow 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Enables  you  to  remotely  control  an  active  session  of  another  user  on  a  remote  Desktop  Session  Host  (rd  Session 
Host)  server,  for  examples  of  how  to  use  this  command,  see  Examples. 


NOTE 

Syntax 


shadow  {<SessionName> 

<SessionID>}  [/server : <ServerName>]  [/v] 

Parameters 

PARAMETER 

DESCRIPTION 

Specifies  the  name  of  the  session  that  you  want  to  remotely 
control. 

Specifies  the  ID  of  the  session  that  you  want  to  remotely 
control.  Use  query  user  to  display  the  list  of  sessions  and  their 
session  IDs. 

/server: 

Specifies  the  rd  Session  Host  server  containing  the  session  that 
you  want  to  remotely  control.  By  default,  the  current  rd  Session 
Host4  server  is  used. 

/v 

Displays  information  about  the  actions  being  performed. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  You  can  either  view  or  actively  control  the  session.  If  you  choose  to  actively  control  a  user's  session,  you  will  be  able  to 
input  keyboard  and  mouse  actions  to  the  session. 

•  You  can  always  remotely  control  your  own  sessions  (except  the  current  session),  but  you  must  have  Full  Control 
permission  or  remote  Control  special  access  permission  to  remotely  control  another  session. 

•  You  can  also  initiate  remote  control  by  using  remote  Desktop  Services  Manager. 

•  Before  monitoring  begins,  the  server  warns  the  user  that  the  session  is  about  to  be  remotely  controlled,  unless  this 
warning  is  disabled.  Your  session  might  appear  to  be  frozen  for  a  few  seconds  while  it  waits  for  a  response  from  the  user. 
To  configure  remote  control  for  users  and  sessions,  use  the  remote  Desktop  Services  Configuration  tool  or  the  remote 
Desktop  Services  extensions  to  Local  Users  and  Groups  and  active  directory  Users  and  computers. 

•  Your  session  must  be  capable  of  supporting  the  video  resolution  used  at  the  session  that  you  are  remotely  controlling  or 
the  operation  fails. 

•  The  console  session  can  neither  remotely  control  another  session  nor  can  it  be  remotely  controlled  by  another  session. 

•  When  you  want  to  end  remote  control  (shadowing),  press  CTRL+*  (by  using  *  from  the  numeric  keypad  only).  ## 
Examples 

•  To  shadow  session  93,  type:  shadow  93 

•  To  shadow  the  session  ACCTG01,  type:  shadow  ACCTG01  ####  additional  references  Command- Line  Syntax  Key  remote 
Desktop  Services  (Terminal  Services)  Command  Reference 


shift 

4/13/2018  •  1  min  to  read  •  EditOnline 

Changes  the  position  of  batch  parameters  in  a  batch  file. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

shift  [/n  <N>] 

Parameters 

PARAMETER 

DESCRIPTION 

/n  <N> 

Specifies  to  start  shifting  at  the  A/th  argument,  where  N  is  any 
value  from  0  to  8.  Requires  command  extensions,  which  are 
enabled  by  default. 

/?  Displays  help  at  the  command  prompt. 


Remarks 

•  The  shift  command  changes  the  values  of  the  batch  parameters  %0  through  %9  by  copying  each  parameter 
into  the  previous  one — the  value  of  %1  is  copied  to  %0,  the  value  of  %2  is  copied  to  %1,  and  so  on.  This  is 
useful  for  writing  a  batch  file  that  performs  the  same  operation  on  any  number  of  parameters. 

•  If  command  extensions  are  enabled,  the  shift  command  supports  the  /n  command-line  option.  The  /n  option 
specifies  to  start  shifting  at  the  Nth  argument,  where  N  is  any  value  from  0  to  8.  For  example,  SHIFT  /2  would 
shift  %3  to  %2,  %4  to  %3,  and  so  on,  and  leave  %0  and  %1  unaffected.  Command  extensions  are  enabled  by 
default. 

•  You  can  use  the  shift  command  to  create  a  batch  file  that  can  accept  more  than  1 0  batch  parameters.  If  you 
specify  more  than  1 0  parameters  on  the  command  line,  those  that  appear  after  the  tenth  (%9)  will  be  shifted 
one  at  a  time  into  %9. 

•  The  shift  command  has  no  effect  on  the  %\*  batch  parameter. 

•  There  is  no  backward  shift  command.  After  you  implement  the  shift  command,  you  cannot  recover  the  batch 
parameter  (%0)  that  existed  before  the  shift. 

Examples 

The  following  lines  from  a  sample  batch  file  called  Mycopy.bat  demonstrate  how  to  use  shift  with  any  number  of 

batch  parameters.  In  this  example,  Mycopy.bat  copies  a  list  of  files  to  a  specific  directory.  The  batch  parameters  are 

represented  by  the  directory  and  file  name  arguments. 


@echo  off 

rem  MYCOPY.BAT  copies  any  number  of  files 
rem  to  a  directory. 

rem  The  command  uses  the  following  syntax: 

rem  mycopy  dir  filel  file2  . . . 

set  todir=%l 

:getfile 

shift 

if  "%1"==""  goto  end 
copy  %1  %todir% 
goto  getfile 
:  end 

set  todir= 
echo  All  done 


Additional  references 

Command-Line  Syntax  Key 


showmount 

10/17/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

You  can  use  showmount  to  display  mounted  directories. 

Syntax 

showmount  {  -e  |  -a  |  -d  }  [  Server  ] 

Description 

The  showmount  command-line  utility  displays  information  about  mounted  file  systems  exported  by  Server  for 
NFS  on  the  computer  specified  by  Server.  If  Server  is  not  provided,  showmount  displays  information  about  the 
computer  on  which  the  showmount  command  is  run. 

You  must  provide  one  of  the  following  options: 


-e 

Displays  all  file  systems  exported  on  the  server. 

-a 

Displays  all  Network  File  System  (NFS)  clients  and  the  directories  on  the  server  each  has  mounted. 

-d 

Displays  all  directories  on  the  server  that  are  currently  mounted  by  NFS  clients. 

See  Also 

Services  for  Network  File  System  Command  Reference 


shutdown 

4/1 3/2018  •  3  min  to  read  • 

Edit  Online 

Enables  you  to  shut  down  or  restart  local  or  remote  computers  one  at  a  time. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

shutdown  [/i  |  /I  |  /s  |  /r  |  /a 
"comment"] ] 

|  /p  |  /h  |  /e]  [/f]  [/m  \\<ComputerName>]  [/t  <XXX>]  [/d  [p | u : ]<XX> : <YY>  [/c 

Parameters 

PARAMETER 

DESCRIPTION 

A 

Displays  the  Remote  Shutdown  Dialog  box.  The  /i  option 
must  be  the  first  parameter  following  the  command.  If/i  is 
specified,  all  other  options  are  ignored. 

A 

Logs  off  the  current  user  immediately,  with  no  time-out 
period.  You  cannot  use  /I  with  /m  or  /t. 

/s 

Shuts  down  the  computer. 

/r 

Restarts  the  computer  after  shutdown. 

/a 

Aborts  a  system  shutdown.  Effective  only  during  the  timeout 
period.  To  use  /a,  you  must  also  use  the  /m  option. 

/P 

Turns  off  the  local  computer  only  (not  a  remote  computer) — 
with  no  time-out  period  or  warning.  You  can  use  /p  only  with 
/d  or/f.  If  your  computer  does  not  support  power-off 
functionality,  it  will  shut  down  when  you  use  /p,  but  the  power 
to  the  computer  will  remain  on. 

/h 

Puts  the  local  computer  into  hibernation,  if  hibernation  is 
enabled.  You  can  use  /h  only  with  /f. 

/e 

Enables  you  to  document  the  reason  for  the  unexpected 
shutdown  on  the  target  computer. 

/f 

Forces  running  applications  to  close  without  warning  users. 
Caution:  Using  the /f  option  might  result  in  loss  of  unsaved 
data. 

/m  \\<ComputerName> 

Specifies  the  target  computer.  Cannot  be  used  with  the  /I 
option. 

PARAMETER 


DESCRIPTION 


/t  <XXX>  Sets  the  time-out  period  or  delay  to  XXX  seconds  before  a 

restart  or  shutdown.  This  causes  a  warning  to  display  on  the 
local  console.  You  can  specify  0-600  seconds.  If  you  do  not  use 
/t,  the  time-out  period  is  30  seconds  by  default. 


/d  [p|u:]<XX>:<  YY>  Lists  the  reason  for  the  system  restart  or  shutdown.  The 

following  are  the  parameter  values: 
p  Indicates  that  the  restart  or  shutdown  is  planned, 
u  Indicates  that  the  reason  is  user  defined. 

Note:  If  p  or  u  are  not  specified,  the  restart  or  shutdown  is 
unplanned. 

XX  Specifies  the  major  reason  number  (positive  integer  less 
than  256). 

YY  Specifies  the  minor  reason  number  (positive  integer  less 
than  65536). 


/c  "<Comment>"  Enables  you  to  comment  in  detail  about  the  reason  for  the 

shutdown.  You  must  first  provide  a  reason  by  using  the  /d 
option.  You  must  enclose  comments  in  quotation  marks.  You 
can  use  a  maximum  of  51 1  characters. 


/?  Displays  help  at  the  command  prompt,  including  a  list  of  the 

major  and  minor  reasons  that  are  defined  on  your  local 
computer. 


Remarks 

•  Users  must  be  assigned  the  Shut  down  the  system  user  right  to  shut  down  a  local  or  remotely  administered 
computer  that  is  using  the  shutdown  command. 

•  Users  must  be  members  of  the  Administrators  group  to  annotate  an  unexpected  shutdown  of  a  local  or 
remotely  administered  computer.  If  the  target  computer  is  joined  to  a  domain,  members  of  the  Domain  Admins 
group  might  be  able  to  perform  this  procedure.  For  more  information,  see: 

o  Default  local  groups 
o  Default  groups 

•  If  you  want  to  shut  down  more  than  one  computer  at  a  time,  you  can  call  shutdown  for  each  computer  by 
using  a  script,  or  you  can  use  shutdown  /i  to  display  the  Remote  Shutdown  Dialog  box. 

•  If  you  specify  major  and  minor  reason  codes,  you  must  first  define  these  reason  codes  on  each  computer  where 
you  plan  to  use  the  reasons.  If  the  reason  codes  are  not  defined  on  the  target  computer,  Shutdown  Event  Tracker 
cannot  log  the  correct  reason  text. 

•  Remember  to  indicate  that  a  shutdown  is  planned  by  using  the  p:  parameter.  Omitting  p:  indicates  that  a 
shutdown  is  unplanned.  If  you  type  p:  followed  by  the  reason  code  for  an  unplanned  shutdown,  the  command 
will  not  carry  out  the  shutdown.  Conversely,  if  you  omit  p:  and  type  in  the  reason  code  for  a  planned  shutdown, 
the  command  will  not  carry  out  the  shutdown. 

Examples 

To  force  applications  to  close  and  restart  the  local  computer  after  a  one-minute  delay  with  the  reason  "Application: 
Maintenance  (Planned)"  and  the  comment  "Reconfiguring  myapp.exe"  type: 

shutdown  /r  /t  60  /c  "Reconfiguring  myapp.exe"  /f  /d  p:4:l 


To  restart  the  remote  computer  WServerName  with  the  same  parameters,  type: 


shutdown  /r  /m  Wservername  /t  60  /c  "Reconfiguring  myapp.exe"  /f  /d  p:4:l 


Additional  references 

Command-Line  Syntax  Key 


sort 

4/13/2018  •  4  min  to  read  •  EditOnline 

Reads  input,  sorts  data,  and  writes  the  results  to  the  screen 

,  to  a  file,  or  to  another  device. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

sort  [/r]  [/+<N>]  [/m  <Kilobytes>]  [/I  <Locale>]  [/rec  <Characters>]  [ [<Drivel> : ] [<Pathl>]<FileNamel>]  [/t 
[<Drive2> : ] [<Path2>] ]  [/o  [<Drive3>: ] [<Path3>]<FileName3>] 

Parameters 

PARAMETER 

DESCRIPTION 

/r 

Reverses  the  sort  order  (that  is,  sorts  from  Z  to  A  and  from  9 
to  0). 

/+  <  N> 

Specifies  the  character  position  number  where  sort  will  begin 
each  comparison.  N  can  be  any  valid  integer. 

/m  <  Kilobytes  > 

Specifies  the  amount  of  main  memory  to  use  for  the  sort  in 
kilobytes  (KB). 

/I  <Locale> 

Overrides  the  sort  order  of  characters  that  are  defined  by  the 
system  default  locale  (that  is,  the  language  and 

Country/Region  selected  during  installation). 

/rec  <Characters> 

Specifies  the  maximum  number  of  characters  in  a  record  or  a 
line  of  the  input  file  (the  default  value  is  4,096  and  the 
maximum  is  65,535). 

[<  Drivel  >:][] 

Specifies  the  file  to  be  sorted.  If  no  file  name  is  specified,  the 
standard  input  is  sorted.  Specifying  the  input  file  is  faster  than 
redirecting  the  same  file  as  standard  input. 

A  [<Drive2>:][] 

Specifies  the  path  of  the  directory  to  hold  the  sort  command's 
working  storage  if  the  data  does  not  fit  in  the  main  memory. 

By  default,  the  system  temporary  directory  is  used. 

/o  [<  Drive3  > :][] 

Specifies  the  file  where  the  sorted  input  is  to  be  stored.  If  not 
specified,  the  data  is  written  to  the  standard  output.  Specifying 
the  output  file  is  faster  than  redirecting  standard  output  to 
the  same  file. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 


•  Using  the /+ command-line  option 


By  default,  comparisons  start  at  the  first  character  of  each  line.  The  /+  command-line  option  starts 
comparisons  at  the  character  that  is  specified  by  N.  For  example,  /+3  indicates  that  each  comparison 
should  begin  at  the  third  character  of  each  line.  Lines  with  fewer  than  N  characters  collate  before  other  lines. 

•  Using  the /m  command-line  option 

The  memory  used  is  always  a  minimum  of  1 60  KB.  If  the  memory  size  is  specified,  the  exact  specified 
amount  is  used  for  the  sort  (must  be  at  least  1 60  KB),  regardless  of  how  much  main  memory  is  available. 

The  default  maximum  memory  size  when  no  size  is  specified  is  90  percent  of  the  available  main  memory  if 
both  the  input  and  output  are  files,  or  45  percent  of  main  memory  otherwise.  The  default  setting  usually 
gives  the  best  performance. 

•  Using  the /I  command-line  option 

Currently,  the  only  alternative  to  the  default  locale  is  the  "C"  locale,  which  is  faster  than  natural  language 
sorting  (it  sorts  characters  according  to  their  binary  encodings). 

•  Using  redirection  symbols  with  the  sort  command 

You  can  use  the  pipe  symbol  (|)  to  direct  input  data  to  the  sort  command  from  another  command  or  to 
direct  sorted  output  to  another  command.  You  can  specify  input  and  output  files  by  using  redirection 
symbols  (<  or  >).  It  can  be  faster  and  more  efficient  (especially  with  large  files)  to  specify  the  input  file 
directly  (as  defined  by  FileNamel  in  the  command  syntax),  and  then  specify  the  output  file  using  the  /o 
parameter. 

•  Case  sensitivity 

The  sort  command  does  not  distinguish  between  uppercase  and  lowercase  letters. 

•  Limits  on  file  size 

The  sort  command  has  no  limit  on  file  size. 

•  Collating  sequence 

The  sort  program  uses  the  collating-sequence  table  that  corresponds  to  the  Country/Region  code  and  code- 
page  settings.  Characters  greater  than  ASCII  code  127  are  sorted  based  on  information  in  the  Country.sys 
file  or  in  an  alternate  file  specified  by  the  country  command  in  your  Config.nt  file. 

•  Memory  usage 

If  the  sort  fits  within  the  maximum  memory  size  (as  set  by  default  or  as  specified  by  the  /m  parameter),  the 
sort  is  performed  in  a  single  pass.  Otherwise,  the  sort  is  performed  in  two  separate  sort  and  merge  passes, 
and  the  amounts  of  memory  used  for  both  passes  are  equal.  When  two  passes  are  performed,  the  partially 
sorted  data  is  stored  in  a  temporary  file  on  disk.  If  there  is  not  enough  memory  to  perform  the  sort  in  two 
passes,  a  run-time  error  is  issued.  If  the  /m  command-line  option  is  used  to  specify  more  memory  than  is 
truly  available,  performance  degradation  or  a  run-time  error  can  occur. 

Examples 

Sorting  a  file 

To  sort  and  display  in  reverse  order  the  lines  in  a  file  named  Expenses.txt,  type: 
sort  /r  expenses.txt 

Sorting  the  output  from  a  command 

To  search  a  large  file  named  Maillist.txt  for  the  text  "Jones,"  and  to  sort  the  results  of  the  search,  use  the  pipe  (|)  to 


direct  the  output  of  a  find  command  to  the  sort  command,  as  follows: 
find  "Hones"  maillist.txt  |  sort 

The  command  produces  a  sorted  list  of  lines  that  contain  the  specified  text. 

Sorting  keyboard  input 

To  sort  keyboard  input  and  display  the  results  alphabetically  on  the  screen,  you  can  first  use  the  sort  command 
with  no  parameters,  as  follows: 

sort 

Then  type  the  text  that  you  want  sorted,  and  press  ENTER  at  the  end  of  each  line.  When  you  have  finished  typing 
text,  press  CTRL  +  Z,  and  then  press  ENTER.  The  sort  command  displays  the  text  you  typed,  sorted  alphabetically. 

Additional  references 

Command-Line  Syntax  Key 


start 


Starts  a  separate  Command  Prompt  window  to  run  a  specified  program  or  command. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

start  ["<Title>"]  [/d  <Path>]  [/i]  [{/min  |  /max}]  [{/separate  |  /shared}]  [{/low  |  /normal  |  /high  |  /realtime 
|  /abovenormal  |  belownormal}]  [/affinity  <HexAffinity>]  [/wait]  [/b  {<Command>  |  <Program>}  [<Parameters>] ] 

Parameters 


PARAMETER 

DESCRIPTION 

"<Title>" 

Specifies  the  title  to  display  in  the  Command  Prompt  window 
title  bar. 

/d  < Paths 

Specifies  the  startup  directory. 

/i 

Passes  the  Cmd.exe  startup  environment  to  the  new 
Command  Prompt  window.  If /i  is  not  specified,  the  current 
environment  is  used. 

{/min 

/max} 

{/separate 

/shared} 

{/low 

/normal 

/affinity  <HexAffinity> 

Applies  the  specified  processor  affinity  mask  (expressed  as  a 
hexadecimal  number)  to  the  new  application. 

/wait 

Starts  an  application  and  waits  for  it  to  end. 

/b 

Starts  an  application  without  opening  a  new  Command 
Prompt  window.  CTRL+C  handling  is  ignored  unless  the 
application  enables  CTRL+C  processing.  Use  CTRL+ BREAK  to 
interrupt  the  application. 

/b  {<Command> 

} 

<  Para  meters  > 

Specifies  parameters  to  pass  to  the  command  or  program. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 


•  You  can  run  nonexecutable  files  through  their  file  association  by  typing  the  name  of  the  file  as  a  command. 

•  When  you  run  a  command  that  contains  the  string  "CMD"  as  the  first  token  without  an  extension  or  path 
qualifier,  "CMD"  is  replaced  with  the  value  of  the  COM  SPEC  variable.  This  prevents  users  from  picking  up  cmd 
from  the  current  directory. 

•  When  you  run  a  32-bit  graphical  user  interface  (GUI)  application,  cmd  does  not  wait  for  the  application  to  quit 
before  returning  to  the  command  prompt.  This  behavior  does  not  occur  if  you  run  the  application  from  a 
command  script. 

•  When  you  run  a  command  that  uses  a  first  token  that  does  not  contain  an  extension,  Cmd.exe  uses  the  value  of 
the  PATH  EXT  environment  variable  to  determine  which  extensions  to  look  for  and  in  what  order.  The  default 
value  for  the  PATH  EXT  variable  is: 

.COM; .EXE; .BAT; .CMD 

Note  that  the  syntax  is  the  same  as  the  PATH  variable,  with  semicolons  separating  each  extension. 

•  When  it  searches  for  an  executable  file,  if  there  is  no  match  on  any  extension,  start  checks  to  see  if  the  name 
matches  a  directory  name.  If  it  does,  start  opens  Explorer.exe  on  that  path. 

Examples 

To  start  the  Myapp  program  at  the  command  prompt  and  retain  use  of  the  current  Command  Prompt  window, 
type: 

start  myapp 

To  view  the  start  command-line  help  topic  in  a  separate  maximized  Command  Prompt  window,  type: 

start  /max  start  /? 

Additional  references 

Command-Line  Syntax  Key 


subst 

4/13/2018  •  1  min  to  read  •  EditOnline 

Associates  a  path  with  a  drive  letter.  If  used  without  parameters,  subst  displays  the  names  of  the  virtual  drives  in 

effect. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

subst  [<Drivel>:  [<Drive2>: ]<Path>] 
subst  <Drivel>:  /d 

Parameters 

PARAMETER 

DESCRIPTION 

<  Drivel  >: 

Specifies  the  virtual  drive  to  which  you  want  to  assign  a  path. 

[<Drive2>:] 

Specifies  the  physical  drive  and  path  that  you  want  to  assign 
to  a  virtual  drive. 

/d 

Deletes  a  substituted  (virtual)  drive. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  following  commands  do  not  work  and  should  not  be  used  on  drives  that  are  specified  in  the  subst 
command: 

chkdsk 

diskcomp 

diskcopy 

format 

label 

recover 

•  The  Drive  1  parameter  must  be  within  the  range  that  is  specified  by  the  lastdrive  command.  If  not,  subst 
displays  the  following  error  message: 

Invalid  parameter  -  drivel: 


Examples 


To  create  a  virtual  drive  Z  for  the  path  B:\User\Betty\Forms,  type: 


subst  z:  b:\usen\betty\forms 


Instead  of  typing  the  full  path,  you  can  reach  this  directory  by  typing  the  letter  of  the  virtual  drive  followed  by  a 
colon  as  follows: 


Additional  references 

Command-Line  Syntax  Key 


sxstrace 


4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 

Windows  Server  2012 

Diagnoses  side-by-side  problems. 

Syntax 

sxstrace  [{[trace  /logfile:<FileName>  [/nostop] 
<AppName>] }] 

[parse  /logfile :<FileName>  /outfile:<ParsedFile>  [/filter: 

Parameters 

PARAMETER 

DESCRIPTION 

trace 

Enables  tracing  for  sxs  (side-by-side) 

/logfile 

Specifies  the  raw  log  file. 

Saves  tracing  log  to  FileName. 

/nostop 

Specifies  no  prompt  to  stop  tracing. 

parse 

Translates  the  raw  trace  file. 

/outfile 

Specifies  the  output  filename. 

Specifies  the  filename  of  the  parsed  file. 

/filter 

Allows  the  output  to  be  filtered. 

Specifies  the  name  of  the  application. 

stoptrace 

Stop  the  trace  if  it  is  not  stopped  before. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

Enable  tracing  and  save  trace  file  to  sxstrace.etl: 

sxstrace  trace  /logfile:sxstrace.etl 

Translate  the  raw  trace  file  into  a  human  readable  format  and  save  the  result  to  sxstrace.txt: 


sxstrace  parse  /logfile:sxstrace.etl  /outfile:sxstrace.txt 


additional  references 

•  Command-Line  Syntax  Key 


sysocmgr 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Sysocmgr  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  Sysocmgr. 


systeminfo 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  detailed  configuration  information  about  a  computer  and  its  operating  system,  including  operating  system 
configuration,  security  information,  product  I D,  and  hardware  properties  (such  as  RAM,  disk  space,  and  network 
cards). 

For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


Systeminfo  [/s  <Computer> 

[/u  <Domain>\<UserName>  [/p  <Passwond>] ] ]  [/fo  {TABLE  |  LIST  |  CSV}]  [/nh] 

Parameters 

PARAMETER 

DESCRIPTION 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  < Domains  <UserName> 

Runs  the  command  with  the  account  permissions  of  the 
specified  user  account.  If  /u  is  not  specified,  this  command 
uses  the  permissions  of  the  user  who  is  currently  logged  on  to 
the  computer  that  is  issuing  the  command. 

/p  <  Password  > 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/fo  <Format> 

Specifies  the  output  format  with  one  of  the  following  values: 
TABLE:  Displays  output  in  a  table. 

LIST:  Displays  output  in  a  list. 

CSV:  Displays  output  in  Comma  Separated  Values  format. 

/nh 

Suppresses  column  headers  in  the  output.  Valid  when  the  /fo 
parameter  is  set  to  TABLE  or  CSV. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  view  configuration  information  for  a  computer  named  Srvmain,  type: 

systeminfo  /s  srvmain 

To  remotely  view  configuration  information  for  a  computer  named  Srvmain2  that  is  located  on  the  Maindom 
domain,  type: 


systeminfo  /s  srvmain2  /u  maindom\hiropln 

To  remotely  view  configuration  information  (in  list  format)  for  a  computer  named  Srvmain2  that  is  located  on  the 
Maindom  domain,  type: 


systeminfo  /s  srvmain2  /u  maindom\hiropln  /p  p@ssW23  /fo  list 


Additional  references 

Command-Line  Syntax  Key 


takeown 

4/13/2018  •  1  min  to  read  •  EditOnline 

Enables  an  administrator  to  recover  access  to  a  file  that  previously  was  denied,  by  making  the  administrator  the 

owner  of  the  file. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

takeown  [ /s  <Computer>  [/u  [<Domain>\]<User  name>  [/p 

[<Password>] ] ] ]  /f  <File  name>  [/a]  [/r  [/d  {Y | N} ] ] 

Parameters 

PARAMETER 

DESCRIPTION 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  value  is  the  local  computer. 

This  parameter  applies  to  all  of  the  files  and  folders  specified  in 
the  command. 

/u  [<Domain>] 

Runs  the  script  with  the  permissions  of  the  specified  user 
account.  The  default  value  is  system  permissions. 

/p  [<Password>] 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/f  <  File  name> 

Specifies  the  file  name  or  directory  name  pattern.  You  can  use 
the  wildcard  character  *  when  specifying  the  pattern.  You  can 
also  use  the  syntax  ShareName*F\\eName*. 

/a 

Gives  ownership  to  the  Administrators  group  instead  of  the 
current  user. 

/r 

Performs  a  recursive  operation  on  all  files  in  the  specified 
directory  and  subdirectories. 

/d{Y 

N} 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  This  command  is  typically  used  in  batch  files. 

•  If  the  /a  parameter  is  not  specified,  file  ownership  is  given  to  the  user  who  is  currently  logged  on  to  the 
computer. 

•  Mixed  patterns  using  (?  and  *)  are  not  supported  by  takeown  command. 

•  After  deleting  the  lock  with  takeown,  you  might  have  to  use  Windows  Explorer  or  the  cacls  command  to  give 
yourself  full  permissions  to  the  files  and  directories  before  you  can  delete  them.  For  more  information  about 


cacls,  see  "Additional  references"  at  the  end  of  this  topic. 


Examples 

To  take  ownership  of  a  file  named  Lostfile,  type: 


takeown  /f  lostfile 


Additional  references 

Command-Line  Syntax  Key 


tapicfg 

1 0/1 7/2017  •  4  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

creates,  removes,  or  displays  a  TAPI  application  directory  partition,  or  sets  a  default  TAPI  application  directory 

partition.  TAPI  3.1  clients  can  use  the  information  in  this  application  directory  partition  with  the  directory  service 

locator  service  to  find  and  communicate  with  TAPI  directories.You  can  also  use  tapicfg  to  create  or  remove  service 

connection  points,  which  enable  TAPI  clients  to  efficiently  locate  TAPI  application  directory  partitions  in  a  domain. 

For  more  information,  see  remarks.  To  view  the  command  syntax,  click  a  command. 

•  tapicfg  install 

•  tapicfg  remove 

•  tapicfg  pubiishscp 

•  tapicfg  removescp 

•  tapicfg  show 

•  tapicfg  makedefault  ##  tapicfg  install  creates  a  TAPI  application  directory  partition.  ###  Syntax 

tapicfg  install  /directory :<PartitionName>  [/server: <DCName>]  [/forcedefault]  ###  Parameters 

|Parameter|Description|  | - 1 . -|  |install  /directory:|Required.  Specifies  the  DNS  name  of  the  TAPI 

application  directory  partition  to  be  created.  This  name  must  be  a  fully  qualified  domain  name.|  |/server: 

|S pecifies  the  DNS  name  of  the  domain  controller  on  which  the  TAPI  application  directory  partition  is  created.  If 
the  domain  controller  name  is  not  specified,  the  name  of  the  local  computer  is  used.|  |/forcedefault|Specifies 
that  this  directory  is  the  default  TAPI  application  directory  partition  for  the  domain.  There  can  be  multiple  TAPI 
application  directory  partitions  in  a  domain. 

if  this  directory  is  the  first  TAPI  application  directory  partition  created  on  the  domain,  it  is  automatically  set  as 
the  default,  regardless  of  whether  you  use  the  /forcedefault  option. |  |/?| Displays  help  at  the  command  prompt.| 
##  tapicfg  remove  removes  a  TAPI  application  directory  partition.  ###  Syntax 

tapicfg  remove  /directory:<PartitionName>  ###  Parameters  |Parameter|Description|  | - 1 . |  |remove 

/directory:| Required.  Specifies  the  DNS  name  of  the  TAPI  application  directory  partition  to  be  removed.  Note 
that  this  name  must  be  a  fully  qualified  domain  name.|  |/?| Displays  help  at  the  command  prompt.|  ##  tapicfg 
pubiishscp  creates  a  service  connection  point  to  publish  a  TAPI  application  directory  partition.  ###  Syntax 
tapicfg  pubiishscp  /directory:<PartitionName>  [/domain : <DomainName>]  [/forcedefault]  ###  Parameters 

|Parameter|Description|  |- . -| . -|  |publishscp  /directory:|Required.  Specifies  the  DNS  name  of  the  TAPI 

application  directory  partition  that  the  service  connection  point  will  publish. |  |/domain:|Specifies  the  DNS  name 
of  the  domain  in  which  the  service  connection  point  is  created.  If  the  domain  name  is  not  specified,  the  name  of 
the  local  domain  is  used.|  |/forcedefault|S pecifies  that  this  directory  is  the  default  TAPI  application  directory 
partition  for  the  domain.  There  can  be  multiple  TAPI  application  directory  partitions  in  a  domain. |  |/?| Displays 
help  at  the  command  prompt.|  ##  tapicfg  removescp  removes  a  service  connection  point  for  a  TAPI  application 
directory  partition.  ###  Syntax  tapicfg  removescp  /directory:<PartitionName>  [/domain : <DomainName>]  ### 

Parameters  |Parameter|Description|  |- . | . |  |removescp  /directory:|Required.  Specifies  the  DNS  name  of 

the  TAPI  application  directory  partition  for  which  a  service  connection  point  is  removed. |  |/domain:  |S pecifies 
the  DNS  name  of  the  domain  from  which  the  service  connection  point  is  removed.  If  the  domain  name  is  not 
specified,  the  name  of  the  local  domain  is  used.|  |/?| Displays  help  at  the  command  prompt.|  ##  tapicfg  show 
Displays  the  names  and  locations  of  the  TAPI  application  directory  partitions  in  the  domain.  ###  Syntax 

tapicfg  show  [/defauitoniy] [  /domain:<DomainName>]  ###  Parameters  |Parameter|Description|  I . I . I 

l/defaultonlyl Displays  the  names  and  locations  of  only  the  default  TAPI  application  directory  partition  in  the 


domain. |  |/domain:  |S pecifies  the  DNS  name  of  the  domain  for  which  the  TAPI  application  directory  partitions 
are  displayed.  If  the  domain  name  is  not  specified,  the  name  of  the  local  domain  is  used.|  |/?| Displays  help  at  the 
command  prompt.|  ##  tapicfg  makedefault  Sets  the  default  TAPI  application  directory  partition  for  the  domain. 
###  Syntax  tapicfg  makedefault  /directory  :<PartitionName>  [/domain : <DomainName>]  ###  Parameters 

|Parameter|Description|  | - 1- . |  |makedefault  /directory:|Required.  Specifies  the  DNS  name  of  the  TAPI 

application  directory  partition  set  as  the  default  partition  for  the  domain.  Note  that  this  name  must  be  a  fully 
qualified  domain  name.  Specifies  the  DNS  name  of  the  domain  for  which  the  TAPI  application  directory 
partition  is  set  as  the  default.  If  the  domain  name  is  not  specified,  the  name  of  the  local  domain  is  used.|  |/? 

| Displays  help  at  the  command  prompt.|  ###  remarks  You  must  be  a  member  of  the  Enterprise  Admins  group  in 
active  directory  to  run  either  tapicfg  install  (to  create  a  TAPI  application  directory  partition)  or  tapicfg 
remove  (to  remove  a  TAPI  application  directory  partition).  This  command-line  tool  can  be  run  on  any  computer 
that  is  a  member  of  the  domain.  User-supplied  text  (such  as  the  names  of  TAPI  application  directory  partitions, 
servers,  and  domains)  with  International  or  Unicode  characters  are  only  displayed  correctly  if  appropriate  fonts 
and  language  support  are  installed.  You  can  still  use  Internet  Locator  Service  (ILS)  servers  in  your  organization, 
if  ILS  is  needed  to  support  certain  applications,  because  TAPI  clients  running  Windows  XP  or  a  Windows 
Server  2003  operating  system  can  query  either  ILS  servers  or  TAPI  application  directory  partitions.  You  can  use 
tapicfg  to  create  or  remove  service  connection  points.  If  the  TAPI  application  directory  partition  is  renamed  for 
any  reason  (for  example,  if  you  rename  the  domain  in  which  it  resides),  you  must  remove  the  existing  service 
connection  point  and  create  a  new  one  that  contains  the  new  DNS  name  of  the  TAPI  application  directory 
partition  to  be  published.  Otherwise,  TAPI  clients  are  unable  to  locate  and  access  the  TAPI  application  directory 
partition.  You  can  also  remove  a  service  connection  point  for  maintenance  or  security  purposes  (for  example,  if 
you  do  not  want  to  expose  TAPI  data  on  a  specific  TAPI  application  directory  partition).  ###  Examples  To  create 
a  TAPI  application  directory  partition  named  tapifiction.testdom.microsoft.com  on  a  server  named 
testdc.testdom.microsoft.com  and  then  set  it  as  the  default  TAPI  application  directory  partition  for  the  new 
domain,  type: 

tapicfg  install  /directory : tapifiction.testdom.microsoft.com  /server: testdc.testdom.microsoft.com 

/forcedefault 

To  display  the  name  of  the  default  TAPI  application  directory  partition  for  the  new  domain,  type: 

tapicfg  show  /defauitoniy  ##  additional  references 
Command-Line  Syntax  Key 


taskkill 

2/1 0/2018  •  3  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Ends  one  or  more  tasks  or  processes.  Processes  can  be  ended  by  process  ID  or  image  name,  taskkill  replaces  the 
kill  tool,  for  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

taskkill  [/s  <computer>  [/u  [<Domain>\]<UserName>  [/p  [<Password>] ] ] ]  {[/fi  <Filter>]  [...]  [/pid  <ProcessID> 
|  /im  <ImageName>] }  [/f]  [/t] 


Parameters 

PARAMETER  DESCRIPTION 


/s 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  \ 

Runs  the  command  with  the  account  permissions  of  the  user 
who  is  specified  by  UserName  or  Domain\UserName.  /u  can 
be  specified  only  if /s  is  specified.  The  default  is  the 
permissions  of  the  user  who  is  currently  logged  on  to  the 
computer  that  is  issuing  the  command. 

/p 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/fi 

Applies  a  filter  to  select  a  set  of  tasks.  You  can  use  more  than 
one  filter  or  use  the  wildcard  character  (V)  to  specify  all  tasks 
or  image  names.  See  the  following  table  for  valid  filter  names, 
operators,  and  values. 

/pid 

Specifies  the  process  ID  of  the  process  to  be  terminated. 

/im 

Specifies  the  image  name  of  the  process  to  be  terminated.  Use 
the  wildcard  character  (V)  to  specify  all  image  names. 

/f 

Specifies  that  processes  be  forcefully  terminated.  This 
parameter  is  ignored  for  remote  processes;  all  remote 
processes  are  forcefully  terminated. 

/t 


Filter  names,  operators,  and  values 


Terminates  the  specified  process  and  any  child  processes 
started  by  it. 


FILTER  NAME 


VALID  OPERATORS 


VALID  VALUE(S) 


STatUS 

eq,  ne 

RUNNING  |  NOT  RESPONDING  | 
UNKNOWN 

IMAGENAME 

eq,  ne 

Image  name 

PID 

eq,  ne,  gt,  It,  ge,  le 

PID  value 

SESSION 

eq,  ne,  gt,  It,  ge,  le 

Session  number 

CPUtime 

eq,  ne,  gt,  It,  ge,  le 

CPU  time  in  the  format  HH:MM:SS, 
where  MM  and  SS  are  between  0  and 

59  and  HH  is  any  unsigned  number 

MEMUSAGE 

eq,  ne,  gt,  It,  ge,  le 

Memory  usage  in  KB 

USERNAME 

eq,  ne 

Any  valid  user  name  ( User  or 
Domain\User) 

SERVICES 

eq,  ne 

Service  name 

WINDOWTITLE 

eq,  ne 

Window  title 

MODULES 

eq,  ne 

DLL  name 

Remarks 

•  The  WIN  DOWTITLE  and  STatUS  filters  are  not  supported  when  a  remote  system  is  specified. 

•  The  wildcard  character  (V  is  accepted  for  the  **/im *  option  only  when  a  filter  is  applied. 

•  Termination  of  remote  processes  is  always  carried  out  forcefully,  regardless  of  whether  the  /f  option  is 
specified. 

•  Supplying  a  computer  name  to  the  hostname  filter  causes  a  shutdown  and  all  processes  are  stopped. 

•  You  can  use  tasklist  to  determine  the  process  ID  (PID)  for  the  process  to  be  terminated.  ##  Examples  To  end 
the  processes  with  process  IDs  1230,  1241,  and  1253,  type:  taskkiii  /pid  1230  /pid  1241  /pid  1253  To 
forcefully  end  the  process  "Notepad.exe"  if  it  was  started  by  the  system,  type: 

taskkiii  /f  /fi  "USERNAME  eq  NT  AUTHORITY\SYSTEM"  /im  notepad.exe  To  end  all  processes  on  the  remote 
computer  "Srvmain"  with  an  image  name  beginning  with  "note,"  while  using  the  credentials  for  the  user 
account  Hiropln,  type:  taskkiii  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23  /fi  "IMAGENAME  eq  note*"  /im  *  To 
end  the  process  with  the  process  ID  2134  and  any  child  processes  that  it  started,  but  only  if  those  processes 
were  started  by  the  Administrator  account,  type:  taskkiii  /pid  2134  /t  /fi  "username  eq  administrator"  To  end 
all  processes  that  have  a  process  ID  greater  than  or  equal  to  1 000,  regardless  of  their  image  names,  type: 
taskkiii  /f  /fi  "pid  ge  1000"  /im  *  ####  additional  references  Command-Line  Syntax  Key 


tasklist 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Displays  a  list  of  currently  running  processes  on  the  local  computer  or  on  a  remote  computer.  Tasklist  replaces  the 
tlist  tool. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

tasklist  [/s  <Computer>  [/u  [<Domain>\]<UserName>  [/p  <Passwond>] ] ]  [{/m  <Module>  |  /svc  |  / v} ]  [/fo  {table  | 
list  |  csv}]  [/nh]  [/fi  <Filter>  [/fi  <Filter>  [  ...  ]]] 

Parameters 


PARAMETER 

DESCRIPTION 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer. 

/u  [<Domain>] 

Runs  the  command  with  the  account  permissions  of  the  user 
who  is  specified  by  UserName  or  Domoin*UserName.  **/u* 
can  be  specified  only  if  /s  is  specified.  The  default  is  the 
permissions  of  the  user  who  is  currently  logged  on  to  the 
computer  that  is  issuing  the  command. 

/p  <  Password  > 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/m  <Module> 

Lists  all  tasks  with  DLL  modules  loaded  that  match  the  given 
pattern  name.  If  the  module  name  is  not  specified,  this  option 
displays  all  modules  loaded  by  each  task. 

/svc 

Lists  all  the  service  information  for  each  process  without 
truncation.  Valid  when  the  /fo  parameter  is  set  to  table. 

/v 

Displays  verbose  task  information  in  the  output.  For  complete 
verbose  output  without  truncation,  use  /v  and  /svc  together. 

/fo  {table 

list 

/nh 

Suppresses  column  headers  in  the  output.  Valid  when  the  /fo 
parameter  is  set  to  table  or  csv. 

/fi  <Filter> 

Specifies  the  types  of  processes  to  include  in  or  exclude  from 
the  query.  See  the  following  table  for  valid  filter  names, 
operators,  and  values. 

/? 

Displays  help  at  the  command  prompt. 

Filter  names,  operators,  and  values 


FILTER  NAME 


VALID  OPERATORS 


VALID  VALUES 


STATUS 

eq,  ne 

RUNNING 

IMAGENAME 

eq,  ne 

Image  name 

PID 

eq,  ne,  gt,  It,  ge,  le 

PID  value 

SESSION 

eq,  ne,  gt,  It,  ge,  le 

Session  number 

SESSIONNAME 

eq,  ne 

Session  name 

CPUTIME 

eq,  ne,  gt,  It,  ge,  le 

CPU  time  in  the  format  HH:MM:SS, 
where  MM  and  SS  are  between  0  and  59 
and  HH  is  any  unsigned  number 

MEMUSAGE 

eq,  ne,  gt,  It,  ge,  le 

Memory  usage  in  KB 

USERNAME 

eq,  ne 

Any  valid  user  name 

SERVICES 

eq,  ne 

Service  name 

WINDOWTITLE 

eq,  ne 

Window  title 

MODULES 

eq,  ne 

DLL  name 

Remarks 

•  The  WIN  DOWTITLE  and  STATUS  filters  are  not  supported  when  a  remote  system  is  specified. 

Examples 

To  list  all  tasks  with  a  process  ID  greater  than  1 000,  and  display  them  in  CSV  format,  type: 

tasklist  /v  /fi  "PID  gt  1000"  /fo  csv 

To  list  the  system  processes  that  are  currently  running,  type: 

tasklist  /fi  "USERNAME  ne  NT  AUTHORITY\SYSTEM"  /fi  "STATUS  eq  running" 

To  list  detailed  information  for  all  processes  that  are  currently  running,  type: 
tasklist  /v  /fi  "STATUS  eq  running" 

To  list  all  the  service  information  for  processes  on  the  remote  computer  "Srvmain"  that  have  a  DLL  name 
beginning  with  "ntdll,"  type: 

tasklist  /s  srvmain  /svc  /fi  "MODULES  eq  ntdll*" 

To  list  the  processes  on  the  remote  computer  "Srvmain,"  using  the  credentials  of  your  currently  logged-on  user 
account,  type: 


tasklist  /s  srvmain 


To  list  the  processes  on  the  remote  computer  "Srvmain,"  using  the  credentials  of  the  user  account  Hiropln,  type: 


tasklist  /s  srvmain  /u  maindom\hiropln  /p  p@ssW23 


Additional  references 

Command-Line  Syntax  Key 


tcmsetup 

4/13/2018  •  1  min  to  read  •  Edit  Online 

Sets  up  or  disables  the  TAPI  client. 

Syntax 

tcmsetup  [ /q ]  [ /x ] 
tcmsetup  [/q]  /c 

/c  <Serverl>  [<Server2>  ...] 

Id 

Parameters 

PARAMETER 

DESCRIPTION 

/q 

Prevents  the  display  of  message  boxes. 

/x 

Specifies  that  connection-oriented  callbacks  will  be  used  for 
heavy  traffic  networks  where  packet  loss  is  high.  When  this 
parameter  is  omitted,  connectionless  callbacks  will  be  used. 

/c 

Required.  Specifies  client  setup. 

<Server1  > 

Required.  Specifies  the  name  of  the  remote  server  that  has  the 
TAPI  service  providers  that  the  client  will  use.  The  client  will 
use  the  service  providers'  lines  and  phones.  The  client  must  be 
in  the  same  domain  as  the  server  or  in  a  domain  that  has  a 
two-way  trust  relationship  with  the  domain  that  contains  the 

server. 

<Server2>... 

Specifies  any  additional  server  or  servers  that  will  be  available 
to  this  client.  If  you  specify  a  list  of  servers  is,  use  a  space  to 
separate  the  server  names. 

/d 

Clears  the  list  of  remote  servers.  Disables  the  TAPI  client  by 
preventing  it  from  using  the  TAPI  service  providers  that  are  on 
the  remote  servers. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  To  perform  this  procedure,  you  must  be  a  member  of  the  Administrators  group  on  the  local  computer,  or  you 
must  have  been  delegated  the  appropriate  authority.  If  the  computer  is  joined  to  a  domain,  members  of  the 
Domain  Admins  group  might  be  able  to  perform  this  procedure.  As  a  security  best  practice,  consider  using  Run 
as  to  perform  this  procedure. 

•  In  order  for  TAPI  to  function  correctly,  you  must  run  tcmsetup  to  specify  the  remote  servers  that  will  be  used 
by  TAPI  clients. 

•  Before  a  client  user  can  use  a  phone  or  line  on  a  TAPI  server,  the  telephony  server  administrator  must  assign  the 
user  to  the  phone  or  line. 

•  The  list  of  telephony  servers  that  is  created  by  this  command  replaces  any  existing  list  of  telephony  servers 
available  to  the  client.  You  cannot  use  this  command  to  add  to  the  existing  list. 


Additional  references 

Command-Line  Syntax  Key 

Command  shell  overview 

Specify  telephony  servers  on  a  client  computer 

Assign  a  telephony  user  to  a  line  or  phone 


telnet 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Communicates  with  a  computer  running  the  telnet  Server  service. 

Syntax 

telnet  [/a]  [/e  <EscapeChar>]  [/f  <FileName>]  [/I  <UserName>]  [/t  {vtl00  ]  vt52  |  ansi  |  vtnt}]  [<Host> 
[<Port>] ]  [/?] 

Parameters 


PARAMETER 

DESCRIPTION 

/a 

attempt  automatic  logon.  Same  as  /I  option  except  uses  the 
currently  logged  on  user  s  name. 

/e 

Escape  character  used  to  enter  the  telnet  client  prompt. 

/f 

File  name  used  for  client  side  logging. 

/I 

Specifies  the  user  name  to  log  on  with  on  the  remote 
computer. 

/t  (vtlOO  |  vt52  |  ansi  |  vtnt) 

Specifies  the  terminal  type.  Supported  terminal  types  are 
vtlOO,  vt52,  ansi,  and  vtnt. 

D 

Specifies  the  hostname  or  IP  address  of  the  remote  computer 
to  connect  to,  and  optionally  the  TCP  port  to  use  (default  is 
TCP  port  23). 

/? 

Displays  help  at  the  command  prompt.  Alternatively,  you  can 
type  /h. 

remarks 

•  You  must  install  the  telnet  client  software  before  you  can  run  this  command.  For  more  information,  see 

Installing  telnet. 

•  You  can  run  telnet  without  parameters  to  enter  the  telnet  context,  indicated  by  the  telnet  prompt  (Microsoft 
telnet>).  From  the  telnet  prompt,  you  can  use  telnet  commands  to  manage  the  computer  running  the  telnet 
client.  ##  Examples  Use  telnet  to  connect  to  the  computer  running  the  telnet  Server  Service  at 
telnet.microsoft.com.  telnet  teinet.microsoft.com  Use  telnet  to  connect  to  the  computer  running  the  telnet 
Server  Service  at  telnet.microsoft.com  on  TCP  port  44  and  log  the  session  activity  in  a  local  file  called 
telnetlog.txt  telnet  /f  teinetiog.txt  teinet.microsoft.com  44  ##  additional  references 


•  Installing  telnet 

•  telnet  Technical  Reference 


Command-Line  Syntax  Key 


tftp 

1 0/1 7/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Transfers  files  to  and  from  a  remote  computer,  typically  a  computer  running  U  N IX,  that  is  running  the  Trivial  File 
Transfer  Protocol  (tftp)  service  or  daemon,  tftp  is  typically  used  by  embedded  devices  or  systems  that  retrieve 
firmware,  configuration  information,  or  a  system  image  during  the  boot  process  from  a  tftp  server. 

Syntax 

tftp  [-i]  [<Host>]  [{get  |  put}]  <Source>  [<Destination>] 


Parameters 

PARAMETER 


DESCRIPTION 


-i 

Specifies  binary  image  transfer  mode  (also  called  octet  mode). 

In  binary  image  mode,  the  file  is  transferred  in  one-byte  units. 
Use  this  mode  when  transferring  binary  files.  If  -i  is  omitted, 
the  file  is  transferred  in  ASCII  mode.  This  is  the  default  transfer 
mode.  This  mode  converts  the  end-of-line  (EOL)  characters  to 
an  appropriate  format  for  the  specified  computer.  Use  this 
mode  when  transferring  text  files.  If  a  file  transfer  is  successful, 
the  data  transfer  rate  is  displayed. 

Specifies  the  local  or  remote  computer. 

put 

Transfers  the  file  Source  on  the  local  computer  to  the  file 
Destination  on  the  remote  computer.  Because  the  tftp 
protocol  does  not  support  user  authentication,  the  user  must 
be  logged  onto  the  remote  computer,  and  the  files  must  be 
writable  on  the  remote  computer. 

get 

Transfers  the  file  Destination  on  the  remote  computer  to  the 
file  Source  on  the  local  computer. 

Specifies  the  file  to  transfer. 

Specifies  where  to  transfer  the  file. 


remarks 

•  You  can  install  the  tftp  client  using  the  add  Features  Wizard. 

•  The  tftp  protocol  does  not  support  any  authentication  or  encryption  mechanism,  and  as  such  can  introduce  a 
security  risk  when  present.  Installing  the  tftp  client  is  not  recommended  for  systems  connected  to  the  Internet. 

•  The  tftp  client  is  optional  software,  and  marked  as  deprecated  on  Windows  Vista  and  later  versions  of  the 
Windows  operating  system.  A  tftp  server  service  is  no  longer  provided  by  Microsoft  for  security  reasons. 

##  Examples 


copy  the  file  boot.img  from  the  remote  computer  Hostl. 
tftp  i  Hostl  get  boot.img 
##  additional  references 
Command-Line  Syntax  Key 


time 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  or  sets  the  system  time.  If  used  without  parameters,  time  displays  the  current  system  time  and  prompts 
you  to  enter  a  new  time. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

time  [/t  |  [<HH>[ : <MM>[ : <SS>] ]  [am | pm] ] ] 


Parameters 

PARAMETER  DESCRIPTION 

< HH> [:[:[.]]]  [am  pm] 

/t  Displays  the  current  time  without  prompting  you  for  a  new 

time. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

•  To  change  the  current  time,  you  must  have  administrative  credentials. 

•  You  must  separate  values  for  HH,  MM,  and  SS  with  colons  (:).  SS  and  N N  must  be  separated  with  a  period  (.). 

•  Valid  HH  values  are  0  through  24. 

•  Valid  MM  and  SS  values  are  0  through  59. 

Examples 

If  command  extensions  are  enabled,  to  display  the  current  system  time,  type: 

time  /t 

To  change  the  current  system  time  to  5:30  P.M.,  type  either  of  the  following: 

time  17:30:00 
time  5:30  pm 


To  display  the  current  system  time,  followed  by  a  prompt  to  enter  a  new  time,  type: 

The  current  time  is:  17:33:31.35 
Enter  the  new  time: 


To  keep  the  current  time  and  return  to  the  command  prompt,  press  ENTER.  To  change  the  current  time,  type  the 


new  time  and  then  press  ENTER. 

Additional  references 

Command-Line  Syntax  Key 


timeout 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Pauses  the  command  processor  for  the  specified  number  of  seconds. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

timeout  /t  <TimeoutInSeconds>  [/nobreak] 


Parameters 

PARAMETER  DESCRIPTION 

/t  <TimeoutlnSeconds>  Specifies  the  decimal  number  of  seconds  (between  -1  and 

99999)  to  wait  before  the  command  processor  continues 
processing.  The  value  -1  causes  the  computer  to  wait 
indefinitely  for  a  keystroke. 

/nobreak  Specifies  to  ignore  user  key  strokes. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  The  timeout  command  is  typically  used  in  batch  files. 

•  A  user  keystroke  resumes  the  command  processor  execution  immediately,  even  if  the  timeout  period  has  not 
expired. 

•  When  used  in  conjunction  with  the  sleep  command,  timeout  is  similar  to  the  pause  command. 

Examples 

To  pause  the  command  processor  for  ten  seconds,  type: 

timeout  /t  10 

To  pause  the  command  processor  for  1 00  seconds  and  ignore  any  keystroke,  type: 

timeout  /t  100  /nobreak 

To  pause  the  command  processor  indefinitely  until  a  key  is  pressed,  type: 

timeout  /t  -1 

Additional  references 

Command-Line  Syntax  Key 


title 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Creates  a  title  for  the  Command  Prompt  window. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

title  [<String>] 


Parameters 

PARAMETER  DESCRIPTION 


<String> 


Specifies  the  title  of  the  Command  Prompt  window. 


/?  Displays  help  at  the  command  prompt. 

Remarks 

•  To  create  window  title  for  batch  programs,  include  the  title  command  at  the  beginning  of  a  batch  program. 

•  After  a  window  title  is  set,  you  can  reset  it  only  by  using  the  title  command. 

Examples 

In  the  following  sample  script,  the  title  of  the  Command  Prompt  window  is  changed  to  "Updating  Files"  while  the 
batch  file  executes  the  copy  command.  After  the  command  is  executed,  the  text  Files  updated  is  displayed,  and 
the  title  of  the  Command  Prompt  window  is  changed  back  to  "Command  Prompt." 

@echo  off 

title  Updating  Files 

copy  \\server\share\*.xls  c:\users\common\*. xls 
echo  Files  Updated, 
title  Command  Prompt 

Additional  references 

Command-Line  Syntax  Key 


tlntadmn 

1 0/1 7/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Administers  a  local  or  remote  computer  that  is  running  the  telnet  Server  Service. 

Syntax 

tlntadmn  [<computerName>]  [-u  <UserName>]  [-p  <Passwond>]  [{start  |  stop  |  pause  |  continue}]  [-s  {<SessionID> 
|  all}]  [-k  {<SessionID>  |  all}]  [-m  {<SessionID>  |  all}  <Message>]  [config  [dom  =  <Domain>]  [ctrlakeymap  = 
{yes  |  no}]  [timeout  =  <hh> : <mm> : <ss>]  [timeoutactive  =  {yes  |  no}]  [maxfail  =  <attempts>]  [maxconn  = 
<Connections>]  [port  =  <Number>]  [sec  {+  |  -}NTLM  {+  ]  -}passwd]  [mode  =  {console  |  stream}]]  [-?] 


Parameters 

PARAMETER 

DESCRIPTION 

Specifies  the  name  of  the  server  to  connect  to.  The  default  is 
the  local  computer. 

-u  -p 

Specifies  administrative  credentials  for  a  remote  server  that 
you  want  to  administer.  This  parameter  is  required  if  you  want 
to  administer  a  remote  server  to  which  you  are  not  logged  on 
with  administrative  credentials. 

start 

starts  the  telnet  Server  Service. 

stop 

Stops  the  telnet  Server  Service 

pause 

pauses  the  telnet  Server  Service.  No  new  connections  will  be 
accepted. 

continue 

Resumes  the  telnet  Server  Service. 

-s  { |  all) 

Displays  active  telnet  sessions. 

-k  { |  all} 

Ends  telnet  sessions,  type  the  Session  ID  to  end  a  specific 
session,  or  type  all  to  end  all  the  sessions. 

-m  { |  all] 

Sends  a  message  to  one  or  more  sessions,  type  the  session  ID 
to  send  a  message  to  a  specific  session,  or  type  all  to  send  a 
message  to  all  sessions,  type  the  message  that  you  want  to 
send  between  quotation  marks. 

config  dom  = 

Configures  the  default  domain  for  the  server. 

config  ctrlakeymap  =  {yes  |  no] 

Specifies  if  you  want  the  telnet  server  to  interpret  CTRL+A  as 
ALT  type  yes  to  map  the  shortcut  key,  or  type  no  to  prevent 
the  mapping. 

PARAMETER 


DESCRIPTION 


config  timeout  =  :: 

Sets  the  time-out  period  in  hours,  minutes,  and  seconds. 

config  timeoutactive  =  {yes  |  no 

Enables  the  idle  session  timeout. 

config  maxfail  = 

Sets  the  maximum  number  of  failed  logon  attempts  before 
disconnecting. 

config  maxconn  = 

Sets  the  maximum  number  of  connections. 

config  port  = 

Sets  the  telnet  port.  You  must  specify  the  port  with  an  integer 
smaller  than  1024. 

config  sec  {+  |  -}NTLM  {+  |  -}passwd 

Specifies  whether  you  want  to  use  NTLM,  a  password,  or  both 
to  authenticate  logon  attempts.  To  use  a  particular  type  of 
authentication,  type  a  plus  sign  (+)  before  that  type  of 
authentication.  To  prevent  using  a  particular  type  of 
authentication,  type  a  minus  sign  (-)  before  that  type  of 
authentication. 

config  mode  =  {console  |  stream} 

Specifies  the  mode  of  operation. 

-? 

Displays  help  at  the  command  prompt. 

remarks 

•  To  display  the  server  settings,  type  tlntadmn  without  any  parameters. 

•  To  use  the  tlntadmn  command,  you  must  log  on  to  the  local  computer  with  administrative  credentials.  To 
administer  a  remote  computer,  you  must  also  provide  administrative  credentials  for  the  remote  computer.  You 
can  do  so  by  logging  on  to  the  local  computer  with  an  account  that  has  administrative  credentials  for  both  the 
local  computer  and  the  remote  computer.  If  you  cannot  use  this  method,  you  can  use  the  -u  and  -p  parameters 
to  provide  administrative  credentials  for  the  remote  computer. 

##  Examples 

Configure  the  idle  session  timeout  to  30  minutes, 
tlntadmn  config  timeout=0:30:0 
Display  active  telnet  sessions, 
tlntadmn  -s 

##  additional  references 

•  telnet  Operations  Guide 

•  Command-Line  Syntax  Key 


tpmvscmgr 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


The  Tpmvscmgr  command-line  tool  allows  users  with  Administrative  credentials  to  create  and  delete  TPM  virtual 
smart  cards  on  a  computer.  For  examples  of  how  this  command  can  be  used,  see  Examples. 

Syntax 

Tpmvscmgr  create  [/name]  [/AdminKey  DEFAULT  |  PROMPT  |  RANDOM]  [/PIN  DEFAULT  |  PROMPT]  [/PUK  DEFAULT  |  PROMPT] 
[/generate]  [/machine]  [/?] 

Tpmvscmgr  destroy  [/instance  cinstance  ID>]  [/?] 

Parameters  for  Create  command 

The  Create  command  sets  up  new  virtual  smart  cards  on  the  user's  system.  It  returns  the  instance  ID  of  the  newly 
created  card  for  later  reference  if  deletion  is  required.  The  instance  ID  is  in  the  format 

ROOT\SMARTCARDREADER\OOOn  where  n  starts  from  0  and  is  increased  by  1  each  time  you  create  a  new 
virtual  smart  card. 

PARAMETER  DESCRIPTION 

/name  Required.  Indicates  the  name  of  the  new  virtual  smart  card. 


/AdminKey  Indicates  the  desired  administrator  key  that  can  be  used  to 

reset  the  PIN  of  the  card  if  the  user  forgets  the  PIN. 

DEFAULT  Specifies  the  default  value  of 

01020304050607080102030405060708010203040506070 

8. 

PROMPT  Prompts  the  user  to  enter  a  value  for  the 
administrator  key. 

RANDOM  Results  in  a  random  setting  for  the  administrator 
key  for  a  card  that  is  not  returned  to  the  user.  This  creates  a 
card  that  might  not  be  manageable  by  using  smart  card 
management  tools.  When  generated  with  RANDOM,  the 
administrator  key  must  be  entered  as  48  hexadecimal 
characters. 


/PIN  Indicates  desired  user  PIN  value. 

DEFAULT  Specifies  the  default  PIN  of  12345678. 

PROMPT  Prompts  the  user  to  enter  a  PIN  at  the  command 
line.  The  PIN  must  be  a  minimum  of  eight  characters,  and  it 
can  contain  numerals,  characters,  and  special  characters. 


/PUK  Indicates  the  desired  PIN  Unlock  Key  (PUK)  value.  The  PUK 

value  must  be  a  minimum  of  eight  characters,  and  it  can 
contain  numerals,  characters,  and  special  characters.  If  the 
parameter  is  omitted,  the  card  is  created  without  a  PUK. 
DEFAULT  Specifies  the  default  PUK  of  12345678. 
PROMPT  Prompts  to  the  user  to  enter  a  PUK  at  the 
command  line. 


PARAMETER 


DESCRIPTION 


/generate 

Generates  the  files  in  storage  that  are  necessary  for  the  virtual 
smart  card  to  function.  If  the  /generate  parameter  is  omitted, 
it  is  equivalent  to  creating  a  card  without  this  file  system.  A 
card  without  a  file  system  can  be  managed  only  by  a  smart 
card  management  system  such  as  Microsoft  Configuration 
Manager. 

/machine 

Allows  you  to  specify  the  name  of  a  remote  computer  on 
which  the  virtual  smart  card  can  be  created.  This  can  be  used 
in  a  domain  environment  only,  and  it  relies  on  DCOM.  For  the 
command  to  succeed  in  creating  a  virtual  smart  card  on  a 
different  computer,  the  user  running  this  command  must  be  a 
member  in  the  local  administrators  group  on  the  remote 
computer. 

/? 

Displays  Help  for  this  command. 

Parameters  for  Destroy  command 

The  Destroy  command  securely  deletes  a  virtual  smart  card  from  the  user's  computer. 


WARNING 

When  a  virtual  smart  card  is  deleted,  it  cannot  be  recovered. 

PARAMETER 

DESCRIPTION 

/instance 

Specifies  the  instance  ID  of  the  virtual  smart  card  to  be 
removed.  The  instance! D  was  generated  as  output  by 
Tpmvscmgr.exe  when  the  card  was  created.  The  /instance 
parameter  is  a  required  field  for  the  Destroy  command. 

/? 

Displays  Help  for  this  command. 

Remarks 

Membership  in  the  Administrators  group  (or  equivalent)  on  the  target  computer  is  the  minimum  required  to  run 
all  the  parameters  of  this  command. 

For  alphanumeric  inputs,  the  full  127  character  ASCII  set  is  allowed. 

Examples 

The  following  command  shows  how  to  create  a  virtual  smart  card  that  can  be  later  managed  by  a  smart  card 
management  tool  launched  from  another  computer. 

tpmvscmgr.exe  create  /name  "VirtualSmartCardForCorpAccess^?  /AdminKey  DEFAULT  /PIN  PROMPT 

Alternatively,  instead  of  using  a  default  administrator  key,  you  can  create  an  administrator  key  at  the  command  line. 
The  following  command  shows  how  to  create  an  administrator  key. 

tpmvscmgr.exe  create  /name  "VirtualSmartCardForCorpAccess^?  /AdminKey  PROMPT  /PIN  PROMPT 


The  following  command  will  create  the  unmanaged  virtual  smart  card  that  can  be  used  to  enroll  certificates. 

tpmvscmgr.exe  create  /name  "VirtualSmartCardForCorpAccess^?  /AdminKey  RANDOM  /PIN  PROMPT  /generate 

The  following  command  will  create  a  virtual  smart  card  with  a  randomized  administrator  key.  The  key  is 
automatically  discarded  after  the  cardis  created.  This  means  that  if  the  user  forgets  the  PIN  or  wants  to  the  change 
the  PIN,  the  user  needs  to  delete  the  card  and  create  it  again.  To  delete  the  card,  the  user  can  run  the  following 
command. 

tpmvscmgr.exe  destroy  /instance  <instance  ID> 

where  instance  ID>  is  the  value  printed  on  the  screen  when  the  user  created  the  card.  Specifically,  for  the  first 
card  created,  the  instance  ID  is  ROOT\SMARTCARDREADER\0000. 

Additional  references 

•  Command-Line  Syntax  Key 


tracerpt 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


The  tracerpt  command  can  be  used  to  parse  Event  Trace  Logs,  log  files  generated  by  Performance  Monitor,  and 
real-time  Event  Trace  providers.  It  generates  dump  files,  report  files,  and  report  schemas. 

For  examples  of  how  to  use  tracerpt,  see  Examples. 

Syntax 


tracerpt  < [ - 1 ]  <value  [value  [.. 

.  . ] ] > | - rt  <session_name  [session_name  [...]]>>  [options] 

Options 


OPTION  FLAG 

DESCRIPTION 

-? 

Displays  context  sensitive  help. 

-config  <filename> 

Load  a  settings  file  containing  command  options. 

-y 

Answer  yes  to  all  questions  without  prompting. 

-f  <XML 

HTML> 

-of  <CSV 

EVTX 

-df  <filename> 

Create  a  Microsoft-specific  counting/reporting  schema  file. 

-int  <filename> 

Dump  the  interpreted  event  structure  to  the  specified  file. 

-rts 

Report  raw  timestamp  in  the  event  trace  header.  Can  only  be 
used  with  -o,  not  -report  or  -summary. 

-tmf  <filename> 

Specify  a  Trace  Message  Format  definition  file. 

-tp  <value> 

Specify  the  TMF  file  search  path.  Multiple  paths  may  be  used, 
separated  by  a  semicolon  (;). 

-i  <value> 

Specify  the  provider  image  path.  The  matching  PDB  will  be 
located  in  the  Symbol  Server.  Multiple  paths  can  be  used, 
separated  by  a  semicolon  (;). 

-pdb  <value> 

Specify  the  symbol  server  path.  Multiple  paths  can  be  used, 
separated  by  a  semicolon  (;). 

-gmt 

Convert  WPP  payload  timestamps  to  Greenwich  Mean  Time. 

-rl  <value> 

Define  System  Report  Level  from  1  to  5.  Default  is  1. 

OPTION  FLAG 


DESCRIPTION 


-summary  [filename] 

Generate  a  summary  report  text  file.  Filename  if  not  specified 
is  summary.txt. 

-o  [filename] 

Generate  a  text  output  file.  Filename  if  not  specified  is 
dumpfile.xml. 

-report  [filename] 

Generate  a  text  output  report  file.  Filename  if  not  specified  is 
workload.xml. 

-lr 

Specify  "less  restrictive."  This  uses  best  efforts  for  events  that 
do  not  match  the  events  schema. 

-export  [filename] 

Generate  an  Event  Schema  export  file.  Filename  if  not  specified 
is  schema. man. 

[-1]  <value  [value  [...]]> 

Specify  the  Event  Trace  log  file  to  process. 

-rt  <session_name  [session_name  [...]]> 

Specify  Real-time  Event  Trace  Session  data  sources. 

Examples 

•  This  example  creates  a  report  based  on  the  two  event  logs  logfilel.etl  and  logfile2.etl  and  creates  the  dump 
file  logdump.xml  in  XML  format. 

tracerpt  logfilel.etl  logfile2.etl  -o  logdump.xml  -of  XML 

•  This  example  creates  a  report  based  on  the  event  log  logfile.etl,  creates  the  dump  file  logdmp.xml  in  XML 
format,  uses  best  efforts  to  identify  events  not  in  the  schema,  produces  a  summary  report  file  logdump.txt, 
and  produces  the  report  file  logrpt.xml. 

tracerpt  logfile.etl  -o  logdmp.xml  -of  XML  -lr  -summary  logdmp.txt  -report  logrpt.xml 

•  This  example  uses  the  two  event  logs  logfilel.etl  and  logfile2.etl  to  produce  a  dump  file  and  report  file  with 
the  default  filenames. 

tracerpt  logfilel.etl  logfile2.etl  -o  -report 

•  This  example  uses  the  event  log  logfile.etl  and  the  performance  log  counterfile. big  to  produce  the  report  file 
logrpt.xml  and  the  Microsoft-specific  XML  schema  file  schema.xml. 

tracerpt  logfile.etl  counterfile. big  -report  logrpt.xml  -df  schema.xml 

•  This  example  reads  the  real-time  Event  Trace  Session  "NT  Kernel  Logger"  and  produces  the  dump  file 
logfile  .csv  in  CSV  format. 

tracerpt  -rt  "NT  Kernel  Logger"  -o  logfile. csv  -of  CSV 


tracert 


1 0/1 7/2017  •  3  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Determines  the  path  taken  to  a  destination  by  sending  Internet  Control  Message  Protocol  (ICMP)  echo  Request  or 
ICMPv6  messages  to  the  destination  with  incrementally  increasing  time  to  Live  (TTL)  field  values.  The  path 
displayed  is  the  list  of  near/side  router  interfaces  of  the  routers  in  the  path  between  a  source  host  and  a  destination. 
The  near/side  interface  is  the  interface  of  the  router  that  is  closest  to  the  sending  host  in  the  path.  Used  without 
parameters,  tracert  displays  help. 

Syntax 

tracert  [ /d ]  [/h  <MaximumHops>]  [/j  <Hostlist>]  [/w  <timeout>]  [ /R ]  [/S  <Srcaddr>]  [/4][/6]  <TargetName> 


Parameters 

PARAMETER 


DESCRIPTION 


/d 

Prevents  tracert  from  attempting  to  resolve  the  IP  addresses 
of  intermediate  routers  to  their  names.  This  can  speed  up  the 
display  of  tracert  results. 

/h 

Specifies  the  maximum  number  of  hops  in  the  path  to  search 
for  the  target  (destination).  The  default  is  30  hops. 

/j 

Specifies  that  echo  Request  messages  use  the  Loose  Source 
Route  option  in  the  IP  header  with  the  set  of  intermediate 
destinations  specified  in  Hostlist.  With  loose  source  routing, 
successive  intermediate  destinations  can  be  separated  by  one 
or  multiple  routers.  The  maximum  number  of  addresses  or 
names  in  the  host  list  is  9.  The  Hostlist  is  a  series  of  IP 
addresses  (in  dotted  decimal  notation)  separated  by  spaces. 
Use  this  parameter  only  when  tracing  IPv4  addresses. 

/w 

Specifies  the  amount  of  time  in  milliseconds  to  wait  for  the 
ICMP  time  Exceeded  or  echo  Reply  message  corresponding  to 
a  given  echo  Request  message  to  be  received,  if  not  received 
within  the  time-out,  an  asterisk  (*)  is  displayed.  The  default 
time-out  is  4000  (4  seconds). 

/R 

Specifies  that  the  IPv6  Routing  extension  header  be  used  to 
send  an  echo  Request  message  to  the  local  host,  using  the 
destination  as  an  intermediate  destination  and  testing  the 
reverse  route. 

/s 

Specifies  the  source  address  to  use  in  the  echo  Request 
messages.  Use  this  parameter  only  when  tracing  IPv6 
addresses. 

PARAMETER 


DESCRIPTION 


/4 

Specifies  that  tracert.exe  can  use  only  IPv4  for  this  trace. 

/6 

Specifies  that  tracert.exe  can  use  only  IPv6  for  this  trace. 

Specifies  the  destination,  identified  either  by  IP  address  or  host 

name. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  This  diagnostic  tool  determines  the  path  taken  to  a  destination  by  sending  ICMP  echo  Request  messages  with 
varying  time  to  Live  (TTL)  values  to  the  destination.  Each  router  along  the  path  is  required  to  decrement  the  TTL 
in  an  IP  packet  by  at  least  1  before  forwarding  it  Effectively,  the  TTL  is  a  maximum  link  counter.  When  the  TTL 
on  a  packet  reaches  0,  the  router  is  expected  to  return  an  ICMP  time  Exceeded  message  to  the  source  computer, 
tracert  determines  the  path  by  sending  the  first  echo  Request  message  with  a  TTL  of  1  and  incrementing  the 
TTL  by  1  on  each  subsequent  transmission  until  the  target  responds  or  the  maximum  number  of  hops  is 
reached.  The  maximum  number  of  hops  is  30  by  default  and  can  be  specified  using  the  /h  parameter.  The  path 
is  determined  by  examining  the  ICMP  time  Exceeded  messages  returned  by  intermediate  routers  and  the  echo 
Reply  message  returned  by  the  destination.  However,  some  routers  do  not  return  time  Exceeded  messages  for 
packets  with  expired  TTL  values  and  are  invisile  to  the  tracert  command.  In  this  case,  a  row  of  asterisks  (*)  is 
displayed  for  that  hop. 

•  To  trace  a  path  and  provide  network  latency  and  packet  loss  for  each  router  and  link  in  the  path,  use  the 
pathping  command. 

•  This  command  is  available  only  if  the  Internet  Protocol  (TCP/IP)  protocol  is  installed  as  a  component  in  the 
properties  of  a  network  adapter  in  Network  Connections. 

##  Examples 

To  trace  the  path  to  the  host  named  corp7.microsoft.com,  type: 
tracert  corp7.microsoft.com 

To  trace  the  path  to  the  host  named  corp7.microsoft.com  and  prevent  the  resolution  of  each  IP  address  to  its 
name,  type: 

tracert  /d  corp7.microsoft.com 

To  trace  the  path  to  the  host  named  corp7.microsoft.com  and  use  the  loose  source  route 
1 0.1 2.0.1  /1 0.29.3.1/1 0.1 .44.1 ,  type: 

tracert  /j  10.12.0.1  10.29.3.1  10.1.44.1  corp7.microsoft.com 
##  additional  references 

•  Command-Line  Syntax  Key 


tree 


Displays  the  directory  structure  of  a  path  or  of  the  disk  in  a  drive  graphically. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

tree  [<Drive> : ] [<Path>]  [/f]  [/a] 

Parameters 


PARAMETER 

DESCRIPTION 

<Drive>: 

Specifies  the  drive  that  contains  the  disk  for  which  you  want  to 
display  the  directory  structure. 

<Path> 

Specifies  the  directory  for  which  you  want  to  display  the 
directory  structure. 

/f 

Displays  the  names  of  the  files  in  each  directory. 

/a 

Specifies  that  tree  is  to  use  text  characters  instead  of  graphic 
characters  to  show  the  lines  that  link  subdirectories. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

The  structure  displayed  by  tree  depends  upon  the  parameters  that  you  specify  at  the  command  prompt.  If  you  do 
not  specify  a  drive  or  path,  tree  displays  the  tree  structure  beginning  with  the  current  directory  of  the  current  drive. 

Examples 

To  display  the  names  of  all  the  subdirectories  on  the  disk  in  your  current  drive,  type: 

tree  \ 

To  display,  one  screen  at  a  time,  the  files  in  all  the  directories  on  drive  C,  type: 
tree  c:\  /f  |  more 

To  print  a  list  of  all  the  directories  on  drive  C,  type: 

tree  c:\  /f  prn 


Additional  references 

Command-Line  Syntax  Key 


tscon 


10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Connects  to  another  session  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server, 
for  examples  of  how  to  use  this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 


Syntax 


tscon  {<SessionID> 

<SessionName>}  [/dest : <SessionName>]  [/password : <pw>  |  /password:*]  [ / v ] 

Parameters 

PARAMETER 

DESCRIPTION 

Specifies  the  ID  of  the  session  to  which  you  want  to  connect.  If 
you  use  the  optional  /dest :<SessionName>  parameter,  this  is 
the  ID  of  the  session  to  which  you  want  to  connect. 

Specifies  the  name  of  the  session  to  which  you  want  to  connect. 

/dest: 

Specifies  the  name  of  the  current  session.  This  session  will 
disconnect  when  you  connect  to  the  new  session. 

/password: 

Specifies  the  password  of  the  user  who  owns  the  session  to 
which  you  want  to  connect.  This  password  is  required  when  the 
connecting  user  does  not  own  the  session. 

/password:* 

prompts  for  the  password  of  the  user  who  owns  the  session  to 
which  you  want  to  connect. 

/v 

Displays  information  about  the  actions  being  performed. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  You  must  have  Full  Control  access  permission  or  Connect  special  access  permission  to  connect  to  another  session. 

•  The  /dest:<SessionName>  parameter  allows  you  to  connect  the  session  of  another  user  to  a  different  session. 

•  if  you  do  not  specify  a  password  in  the  <Password>  parameter,  and  the  target  session  belongs  to  a  user  other  than  the 
current  one,  tscon  fails. 

•  You  cannot  connect  to  the  console  session. 

##  Examples 

•  To  connect  to  session  1 2  on  the  current  rd  Session  Host  server  and  disconnect  the  current  session,  type: 

tscon  12 

•  To  connect  to  session  23  on  the  current  rd  Session  Host  server,  by  using  the  password  mypass,  and  disconnect  the 
current  session,  type: 

tscon  23  /password : mypass 

•  To  connect  the  session  named  TERM03  to  the  session  named  TERM05,  and  then  disconnect  session  TERM05,  if  it  is 
connected,  type: 

tscon  TERM03  /v  /dest : TERM05 

####  additional  references 
Command-Line  Syntax  Key 

remote  Desktop  Services  (Terminal  Services)  Command  Reference 


tsdiscon 

10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Disconnects  a  session  from  a  remote  Desktop  Session  Host  (rd  Session  Host)  server,  for  examples  of  how  to  use 
this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

Syntax 

tsdiscon  [<SessionID>  |  <SessionName>]  [/server : <ServerName>]  [/v] 


Parameters 


PARAMETER 

DESCRIPTION 

Specifies  the  ID  of  the  session  to  disconnect. 

Specifies  the  name  of  the  session  to  disconnect. 

/server: 

Specifies  the  terminal  server  that  contains  the  session  that  you 
want  to  disconnect.  Otherwise,  the  current  rd  Session  Host 

server  is  used. 

/v 

Displays  information  about  the  actions  being  performed. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  You  must  have  Full  Control  permission  or  Disconnect  special  access  permission  to  disconnect  another  user  from  a  session. 

•  if  no  session  ID  or  session  name  is  specified,  tsdiscon  disconnects  the  current  session. 

•  Any  applications  that  were  running  when  you  disconnected  the  session  are  automatically  running  when  you  reconnect  to 
that  session  with  no  loss  of  data.  Use  reset  session  to  end  the  running  applications  of  the  disconnected  session,  but  be 
aware  that  this  might  result  in  loss  of  data  at  the  session. 

•  The  /server  parameter  is  required  only  if  you  use  tsdiscon  from  a  remote  server. 

•  The  console  session  cannot  be  disconnected.  ##  Examples 

•  To  disconnect  the  current  session,  type:  tsdiscon 

•  To  disconnect  session  10,  type:  tsdiscon  10 

•  To  disconnect  the  session  named  TERM04,  type:  tsdiscon  TERM04  ####  additional  references  Command-Line  Syntax 
Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 


tsecimp 

4/1 3/2018  •  3  min  to  read  •  Edit  Online 


Imports  assignment  information  from  an  Extensible  Markup  Language  (XML)  file  into  the  TAPI  server  security  file 
(Tsec.ini).  You  can  also  use  this  command  to  display  the  list  of  TAPI  providers  and  the  lines  devices  associated  with 
each  of  them,  validate  the  structure  of  the  XM  L  file  without  importing  the  contents,  and  check  domain 
membership. 

Syntax 

tsecimp  /f  <Filename>  [{/v  |  /u}] 
tsecimp  /d 


Parameters 

PARAMETER 


DESCRIPTION 


/f  <Filename> 

Required.  Specifies  the  name  of  the  XML  file  that  contains  the 
assignment  information  that  you  want  to  import. 

/v 

Validates  the  structure  of  the  XML  file  without  importing  the 
information  into  the  Tsec.ini  file. 

/u 

Checks  whether  each  user  is  a  member  of  the  domain 
specified  in  the  XML  file.  The  computer  on  which  you  use  this 
parameter  must  be  connected  to  the  network.  This  parameter 
might  significantly  slow  performance  if  you  are  processing  a 
large  amount  of  user  assignment  information. 

/d 

Displays  a  list  of  installed  telephony  providers.  For  each 
telephony  provider,  the  associated  line  devices  are  listed,  as 
well  as  the  addresses  and  users  associated  with  each  line 

device. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  The  XML  file  from  which  you  want  to  import  assignment  information  must  follow  the  structure  described 
below. 

o  UserList  element 

The  UserList  is  the  top  element  of  the  XML  file, 
o  User  element 

Each  User  element  contains  information  about  a  user  who  is  a  member  of  a  domain.  Each  user  might 
be  assigned  one  or  more  line  devices. 

Additionally,  each  User  element  might  have  an  attribute  named  NoMerge.  When  this  attribute  is 
specified,  all  current  line  device  assignments  for  the  user  are  removed  before  new  ones  are  made.  You 
can  use  this  attribute  to  easily  remove  unwanted  user  assignments.  By  default,  this  attribute  is  not  set. 


The  User  element  must  contain  a  single  DomainUserName  element,  which  specifies  the  domain 
and  user  name  of  the  user.  The  User  element  might  also  contain  one  FriendlyName  element,  which 
specifies  a  friendly  name  for  the  user. 

The  User  element  might  contain  one  LineList  element.  If  a  LineList  element  is  not  present,  all  line 
devices  for  this  user  are  removed. 

o  LineList  element 

The  LineList  element  contains  information  about  each  line  or  device  that  might  be  assigned  to  the 
user.  Each  LineList  element  can  contain  more  than  one  Line  element. 

o  Line  element 

Each  Line  element  specifies  a  line  device.  You  must  identify  each  line  device  by  adding  either  an 
Address  element  or  a  PermanentID  element  under  the  Line  element. 

For  each  Line  element,  you  can  set  the  Remove  attribute.  If  you  set  this  attribute,  the  user  is  no 
longer  assigned  that  line  device.  If  this  attribute  is  not  set,  the  user  gains  access  to  that  line  device.  No 
error  is  given  if  the  line  device  is  not  available  to  the  user. 

The  following  sample  XML  code  segments  illustrate  correct  usage  of  the  elements  defined  above. 

o  The  following  code  removes  all  line  devices  assigned  to  Userl . 

<UserList>  <User  NoMerge="l">  <DomainUser>domainl\userl</DomainUser>  </User>  </UserList> 

o  The  following  code  removes  all  line  devices  assigned  to  Userl  before  assigning  one  line  with  address 
99999.  Userl  will  have  no  other  lines  devices  assigned,  regardless  of  whether  any  line  devices  were 
assigned  previously. 

<UserList> 

cllser  NoMerge="l"> 

<DomainUser>domainl\userl</DomainUser> 

< FriendlyName >Userl</ FriendlyName > 

<LineList> 

<Line> 

<Address>99999</Address> 

</Line> 

</LineList> 

</User> 

</UserList> 


o  The  following  code  adds  one  line  device  for  Userl  without  deleting  any  previously  assigned  line 
devices. 


<UserList> 

<User> 

<DomainUser>domainl\userl</DomainUser> 
< Friendly Name >Userl</ Friendly Name > 
<LineList> 

<Line> 

<Address>99999</Address> 

</Line> 

</LineList> 

</User> 

</UserList> 


o  The  following  code  adds  line  address  99999  and  removes  line  address  88888  from  Userl 's  access. 


<UserList> 

<User> 

<DomainUser>domainl\userl</DomainUser> 
< Friendly Name>Userl</ Friendly Name > 
<LineList> 

<Line> 

<Address>99999</Address> 

</Line> 

<Line  Remove="l"> 

<Address>88888</Address> 

</Line> 

</LineList> 

</User> 

</UserList> 


o  The  following  code  adds  permanent  device  1 000  and  removes  line  88888  from  Userl 's  access. 
domain1\user1  Userl  1000 
88888 


•  The  following  sample  output  appears  after  the  /d  command-line  option  is  specified  to  display  the  current 
TAPI  configuration.  For  each  telephony  provider,  the  associated  line  devices  are  listed,  as  well  as  the 
addresses  and  users  associated  with  each  line  device. 


NDIS  Proxy  TAPI  Service  Provider 

Line:  "WAN  Miniport  (L2TP)" 

Permanent  ID:  12345678910 

NDIS  Proxy  TAPI  Service  Provider 
Line:  "LPTlDOMAINl\Userl" 

Permanent  ID:  12345678910 

Microsoft  H.323  Telephony  Service  Provider 
Line:  "H323  Line" 

Permanent  ID:  123456 
Addresses : 

BLDG1-TAPI32 


Additional  references 

Command-Line  Syntax  Key 


Command  shell  overview 


tskill 

10/24/2017  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Ends  a  process  running  in  a  session  on  a  remote  Desktop  Session  Host  (rd  Session  Host)  server,  for  examples  of 
how  to  use  this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

Syntax 

tskill  {<ProcessID>  |  <ProcessName>} 

[/server : <ServerName>]  [/id : <SessionID>  |  /a]  [/v] 

Parameters 

PARAMETER 

DESCRIPTION 

Specifies  the  ID  of  the  process  that  you  want  to  end. 

Specifies  the  name  of  the  process  that  you  want  to  end.  This 
parameter  can  include  wildcard  characters. 

/server: 

Specifies  the  terminal  server  that  contains  the  process  that  you 
want  to  end.  If /server  is  not  specified,  the  current  rd  Session 

Host  server  is  used. 

/id: 

Ends  the  process  that  is  running  in  the  specified  session. 

/a 

Ends  the  process  that  is  running  in  all  sessions. 

/V 

Displays  information  about  the  actions  being  performed. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  You  can  use  tskill  to  end  only  those  processes  that  belong  to  you,  unless  you  are  an  administrator.  Administrators  have 
full  access  to  all  tskill  functions  and  can  end  processes  that  are  running  in  other  user  sessions. 

•  When  all  processes  that  are  running  in  a  session  end,  the  session  also  ends. 

•  if  you  use  the  ProcessName  and  the  /server:ServerName  parameters,  you  must  also  specify  either  the  /id :SessionlD  or 

the  /a  parameter.  ##  Examples 

•  To  end  process  6543,  type:  tskill  6543 

•  To  end  the  process  "explorer"  running  on 

session  5,  type:  tskill  explorer  /id: 5  ####  additional  references 

Command-Line  Syntax  Key  remote  Desktop  Services  (Terminal  Services)  Command  Reference 

tsprof 

10/24/2017  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Copies  the  remote  Desktop  Services  user  configuration  information  from  one  user  to  another.  The  remote  Desktop 
Services  user  configuration  information  is  displayed  in  the  remote  Desktop  Services  extensions  to  Local  Users  and 
Groups  and  active  directory  Users  and  computers,  tsprof  can  also  set  the  profile  path  for  a  user,  for  examples  of 
how  to  use  this  command,  see  Examples. 


NOTE 

In  Windows  Server  2008  R2,  Terminal  Services  was  renamed  remote  Desktop  Services.  To  find  out  what's  new  in  the  latest 
version,  see  What  s  New  in  remote  Desktop  Services  in  Windows  Server  2012  in  the  Windows  Server  TechNet  Library. 

Syntax 


tsprof  /update  {/domain : <DomainName>  |  /local}  /prof ile : <path>  <UserName> 

tsprof  /copy  {/domain : <DomainName>  |  /local}  [/prof ile : <path>]  <Src_usr>  <Dest_usr> 

tsprof  /q  {/domain : <DomainName>  |  /local}  <UserName> 


Parameters 

PARAMETER 

DESCRIPTION 

/update 

Updates  profile  path  information  for  <UserName>  in  domain 
<DomainName>  to  <Profilepath>. 

/domain: 

Specifies  the  name  of  the  domain  in  which  the  operation  is 
applied. 

/local 

Applies  the  operation  only  to  local  user  accounts. 

/profile: 

Specifies  the  profile  path  as  displayed  in  the  remote  Desktop 
Services  extensions  in  Local  Users  and  Groups  and  active 
directory  Users  and  computers. 

Specifies  the  name  of  the  user  for  whom  you  want  to  update  or 
query  the  server  profile  path. 

/copy 

Copies  user  configuration  information  from  <SourceUser>  to 
<DestinationUser>  and  updates  the  profile  path  information  for 
<DestinationUser>  to  <Profilepath>.  Both  <SourceUser>  and 
< DestinationUser>  must  either  be  local  or  must  be  in  domain 

<DomainName>. 

<Src_usr> 

Specifies  the  name  of  the  user  from  whom  you  want  to  copy 
the  user  configuration  information. 

<Dest_usr> 

Specifies  the  name  of  the  user  to  whom  you  want  to  copy  the 
user  configuration  information. 

/q 

Displays  the  current  profile  path  of  the  user  for  whom  you  want 
to  query  the  server  profile  path. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  The  tsprof  command  is  only  available  when  you  have  installed  the  Terminal  Server  role  service  on  a  computer  running 
Windows  Server  2008  or  rd  Session  Host  role  service  on  a  computer  running  Windows  Server  2008  R2.  ##  Examples 

•  To  copy  user  configuration  information  from  LocalUserl  to  LocalUser2,  type: 

tsprof  /copy  /local  LocalUserl  LocalUser2 

•  To  set  the  remote  Desktop  Services  profile  path  for  LocalUserl  to  a  directory  called  "c:\profiles,"  type: 

tsprof  /update  /local  /prof lie :  c : \profiles  LocalUserl  ####  additional  references  Command-Line  Syntax  Key 
remote  Desktop  Services  (Terminal  Services)  Command  Reference 


type 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  the  contents  of  a  text  file.  Use  the  type  command  to  view  a  text  file  without  modifying  it. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

type  [<Drive> : ] [<Path>]<FileName> 


Parameters 

PARAMETER  DESCRIPTION 

[<  Drive> :][]  Specifies  the  location  and  name  of  the  file  or  files  that  you 

want  to  view.  Separate  multiple  file  names  with  spaces. 

/?  Displays  help  at  the  command  prompt. 

Remarks 

•  If  FileName  contains  spaces,  enclose  it  in  quotation  marks  (for  example,  "File  Name  Containing  Spaces.txt"). 

•  If  you  display  a  binary  file  or  a  file  that  is  created  by  a  program,  you  may  see  strange  characters  on  the  screen, 
including  formfeed  characters  and  escape-sequence  symbols.  These  characters  represent  control  codes  that  are 
used  in  the  binary  file.  In  general,  avoid  using  the  type  command  to  display  binary  files. 

Examples 

To  display  the  contents  of  a  file  named  Holiday.mar,  type: 
type  holiday.mar 

To  display  the  contents  of  a  lengthy  file  named  Holiday.mar  one  screen  at  a  time,  type: 
type  holiday.mar  |  more 

Additional  references 


Command-Line  Syntax  Key 


typeperf 

4/13/2018  •  1  min  to  read  •  EditOnline 

The  typeperf  command  writes  performance  data  to  the  command  window  or  to  a  log  file.  To  stop  typeperf,  press 

CTRL+C. 

For  examples  of  how  to  use  typeperf,  see  Exampl 

es. 

Syntax 

typeperf  ccounter  [counter  ...]>  [options] 
typeperf  -cf  <filename>  [options] 
typeperf  -q  [object]  [options] 
typeperf  -qx  [object]  [options] 

Parameters 

PARAMETER 

DESCRIPTION 

<counter  [counter  [...]]> 

Specifies  performance  counters  to  monitor. 

NOTE 

<counter>  is  the  full  name  of  a  performance  counter 

\\Server1\Processor(0)%  User  Time. 

in  \\Computer\Object(lnstance)\Counter  format,  such  as 

Options 

OPTION 

DESCRIPTION 

-? 

Displays  context-sensitive  help. 

-f  <csv 

TSV 

-cf  <filename> 

Specifies  a  file  containing  a  list  of  performance  counters  to 
monitor,  with  one  counter  per  line. 

-si  <[[hh:]mm:]ss> 

Specifies  the  sample  interval.  The  default  is  one  second. 

-o  <filename> 

Specifies  the  path  for  the  output  file,  or  the  SQL  database.  The 
default  is  STDOUT  (written  to  the  command  window). 

-q  [object] 

Display  a  list  of  installed  counters  (no  instances).  To  list 
counters  for  one  object,  include  the  object  name.  ***EXAMPLE 

-qx  [object] 

Display  a  list  of  installed  counters  with  instances.  To  list 
counters  for  one  object,  include  the  object  name. 

OPTION 


DESCRIPTION 


-sc  <samples>  Specifies  the  number  of  samples  to  collect.  The  default  is  to 

collect  data  until  CTRL+C  is  pressed. 

-config  <filename>  Specifies  a  settings  file  containing  command  options. 

-s  <computer_name>  Specifies  a  remote  computer  to  monitor  if  no  computer  is 

specified  in  the  counter  path. 

-y  Answer  yes  to  all  questions  without  prompting. 

Examples 

•  The  following  example  writes  the  values  for  the  local  computer's  performance  counter  \\Processor(_Total)% 
Processor  Time  to  the  command  window  at  a  default  sample  interval  of  1  second  until  CTRL  +  C  is  pressed, 
typeperf  "\Processor)_Total)\%  Processor  Time" 

•  The  following  example  writes  the  values  for  the  list  of  counters  in  the  file  counters.txt  to  the  tab-delimited  file 
domain2.tsv  at  a  sample  interval  of  5  seconds  until  50  samples  have  been  collected. 

typeperf  -cf  counters.txt  -si  5  -sc  50  -f  TSV  -o  domain2.tsv 

•  The  following  example  queries  installed  counters  with  instances  for  the  counter  object  PhysicalDisk  and  writes 
the  resulting  list  to  the  file  counters.txt. 

typeperf  -qx  PhysicalDisk  -o  counters.txt 


tzutil 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Displays  the  Windows  time  Zone  Utility. 


Syntax 


tzutil  [/?]  [/g]  [/s  <timeZoneID>[_dstoff] ]  [/l] 

Parameters 

PARAMETER 

DESCRIPTION 

/? 

Displays  help  at  the  command  prompt. 

/g 

Displays  the  current  time  zone  ID. 

/s  Ldstoff] 

Sets  the  current  time  zone  using  the  specified  time  zone  ID. 

The  _dstoff  suffix  disables  Daylight  Saving  time  adjustments 
for  the  time  zone  (where  applicable). 

/i 


lists  all  valid  time  zone  IDs  and  display  names.  The  output  will 
be: 


remarks 

An  exit  code  of  0  indicates  the  command  completed  successfully. 

Examples 

To  display  the  current  time  zone  I D,  type: 

tzutil  /g 

To  set  the  current  time  zone  to  Pacific  Standard  time,  type: 

tzutil  /s  Pacific  Standard  time 

To  set  the  current  time  zone  to  Pacific  Standard  time  and  disable  Daylight  Saving  time  adjustments,  type: 
tzutil  /s  Pacific  Standard  time_dstoff 


additional  references 

•  Command-Line  Syntax  Key 


unlodctr 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


removes  Performance  counter  names  and  Explain  text  for  a  service  or  device  driver  from  the  system  registry. 

Syntax 


Unlodctr  <DriverName> 


Parameters 

PARAMETER  DESCRIPTION 

removes  the  Performance  counter  name  settings  and  Explain 
text  for  driver  or  service  from  the  Windows  Server  2003 
registry. 

/?  Displays  help  at  the  command  prompt. 

remarks 


WARNING 

Incorrectly  editing  the  registry  may  severely  damage  your  system.  Before  making  changes  to  the  registry,  you  should  back  up 
any  valued  data  on  the  computer. 

if  the  information  that  you  supply  contains  spaces,  use  quotation  marks  around  the  text  (for  example,  ""). 

Examples 

To  remove  the  current  Performance  registry  settings  and  counter  Explain  text  for  the  Simple  Mail  Transfer  Protocol  (SMTP) 
service: 

unlodctr  SMTPSVC 

additional  references 

•  Command-Line  Syntax  Key 


ver 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  the  operating  system  version  number. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

ver 

Parameters 

PARAMETER  DESCRIPTION 

/?  Displays  help  at  the  command  prompt. 

Examples 

To  obtain  the  version  number  of  the  operating  system,  type: 
ver 

Additional  references 

Command-Line  Syntax  Key 


verifier 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Driver  verifier  manager. 

Syntax 

verifier  /standard  /driver  <name>  [<name>  ...] 
verifier  /standard  /all 

verifier  [/flags  <flags>]  [/faults  [<probability>  [<tags>  [<applications>  [<minutes>] ] ] ]  /driver  <name> 
[<name> . . . ] 

verifier  [/flags  FLAGS]  [/faults  [<probability>  [<tags>  [<applications>  [<minutes>] ] ] ]  /all 

verifier  /querysettings 

verifier  /volatile  /flags  <flags> 

verifier  /volatile  /adddriver  <name>  [<name>...] 

verifier  /volatile  /removedriver  <name>  [<name>...] 

verifier  /volatile  /faults  [<probability>  [<tags>  [<applications>] ] 

verifier  /reset 

verifier  /query 

verifier  /log  <LogFileName>  [/interval  <seconds>] 


Parameters 

PARAMETER  DESCRIPTION 

Must  be  a  number  in  decimal  or  hexadecimal,  combination  of 
bits: 

-  Value:  description 

-  bit  0:  special  pool  checking 

-  bit  1:  force  irql  checking 

-  bit  2:  low  resources  simulation 

-  bit  3:  pool  tracking 

-  bit  4:  I/O  verification 

-  bit  5:  deadlock  detection 

-  bit  6:  unused 

-  bit  7:  DMA  verification 
bit  8:  security  checks 

-  bit  9:  force  pending  I/O  requests 

-  bit  10:  IRP  logging 

-  bit  11:  miscellaneous  checks 

for  example,  /flags  27  is  equivalent  with  /flags  0x1  B 


Used  to  change  the  verifier  settings  dynamically  without 
restarting  the  system.  Any  new  settings  will  be  lost  when  the 
system  is  restarted. 


/volatile 


PARAMETER 


DESCRIPTION 


Number  between  1  and  10,000  specifying  the  fault  injection 
probability.  For  example,  specifying  100  means  a  fault  injection 
probability  of  1  %  (1 00/1 0,000). 

if  this  parameter  is  not  specified  then  the  default  probability  of 
6%  will  be  used. 


Specifies  the  pool  tags  that  will  be  injected  with  faults, 
separated  by  space  characters.  If  this  parameter  is  not 
specified  then  any  pool  allocation  can  be  injected  with  faults. 


Specifies  the  image  file  name  of  the  applications  that  will  be 
injected  with  faults,  separated  by  space  characters.  If  this 
parameter  is  not  specified  then  low  resources  simulation  can 
take  place  in  any  application. 


A  positive  number  specifying  the  length  of  the  period  after 
rebooting,  in  minutes,  during  which  no  fault  injection  will 
occur.  If  this  parameter  is  not  specified  then  the  default  length 
of  8  minutes  will  be  used. 


/?  Displays  help  at  the  command  prompt. 


additional  references 

•  Command-Line  Syntax  Key 


verify 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Tells  cmd  whether  to  verify  that  your  files  are  written  correctly  to  a  disk.  If  used  without  parameters,  verify 
displays  the  current  setting. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

verify  [on  |  off] 

Parameters 

PARAMETER 

[on 


DESCRIPTION 

off] 


/? 


Displays  help  at  the  command  prompt. 


Examples 


To  display  the  current  verify  setting,  type: 


verify 


To  turn  the  verify  setting  on,  type: 


Verify  on 


Additional  references 


Command-Line  Syntax  Key 


vol 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  the  disk  volume  label  and  serial  number,  if  they  exist.  If  used  without  parameters,  vol  displays  information 
for  the  current  drive. 

Syntax 

vol  [<Drive>:] 


Parameters 

PARAMETER  DESCRIPTION 


<Drive>: 


Specifies  the  drive  that  contains  the  disk  for  which  you  want  to 
display  the  volume  label  and  serial  number. 


/? 


Displays  help  at  the  command  prompt. 


Additional  references 

Command-Line  Syntax  Key 


waitfor 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Sends  or  waits  for  a  signal  on  a  system.  Waitfor  is  used  to  synchronize  computers  across  a  network. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 


waitfor  [/s  <Computer>  [/u  [<Domain>\]<User>  [/p  [<Password>] ] ] ]  /si  <SignalName> 
waitfor  [/t  <Timeout>]  <SignalName> 


Parameters 

PARAMETER 

DESCRIPTION 

/s  <Computer> 

Specifies  the  name  or  IP  address  of  a  remote  computer  (do 
not  use  backslashes).  The  default  is  the  local  computer.  This 
parameter  applies  to  all  files  and  folders  specified  in  the 
command. 

/u  [<Domain>] 

Runs  the  script  using  the  credentials  of  the  specified  user 
account.  By  default,  waitfor  uses  the  current  user's 
credentials. 

/p  [<Password>] 

Specifies  the  password  of  the  user  account  that  is  specified  in 
the  /u  parameter. 

/si 

Sends  the  specified  signal  across  the  network. 

/t  <  Timeout  > 

Specifies  the  number  of  seconds  to  wait  for  a  signal.  By 
default,  waitfor  waits  indefinitely. 

<SignalName> 

Specifies  the  signal  that  waitfor  waits  for  or  sends. 
SignalName  is  not  case-sensitive. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Signal  names  cannot  exceed  225  characters.  Valid  characters  include  a-z,  A-Z,  0-9,  and  the  ASCII  extended 
character  set  (128-255). 

•  If  you  do  not  use  /s,  the  signal  is  broadcast  to  all  the  systems  in  a  domain.  If  you  use  /s,  the  signal  is  sent  only  to 
the  specified  system. 

•  You  can  run  multiple  instances  of  waitfor  on  a  single  computer,  but  each  instance  of  waitfor  must  wait  for  a 
different  signal.  Only  one  instance  of  waitfor  can  wait  for  a  given  signal  on  a  given  computer. 

•  You  can  activate  a  signal  manually  by  using  the  /si  command-line  option. 

•  Waitfor  runs  only  on  Windows  XP  and  servers  running  a  Windows  Server  2003  operating  system,  but  it  can 
send  signals  to  any  computer  running  a  Windows  operating  system. 


•  Computers  can  only  receive  signals  if  they  are  in  the  same  domain  as  the  computer  sending  the  signal. 

•  You  can  use  waitfor  when  you  test  software  builds.  For  example,  the  compiling  computer  can  send  a  signal  to 
several  computers  running  waitfor  after  the  compile  has  completed  successfully.  On  receipt  of  the  signal,  the 
batch  file  that  includes  waitfor  can  instruct  the  computers  to  immediately  start  installing  software  or  running 
tests  on  the  compiled  build. 

Examples 

To  wait  until  the  "espresso\build007"  signal  is  received,  type: 


waitfor  espresso\build007 


By  default,  waitfor  waits  indefinitely  for  a  signal. 

To  wait  10  seconds  for  the  "espresso\compile007"  signal  to  be  received  before  timing  out,  type: 


To  manually  activate  the  "espresso\build007"  signal,  type: 


waitfor  /si  espresso\build007 


Additional  references 

Command-Line  Syntax  Key 


wbadmin 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Enables  you  to  back  up  and  restore  your  operating  system,  volumes,  files,  folders,  and  applications  from  a 
command  prompt. 

To  configure  a  regularly  scheduled  backup,  you  must  be  a  member  of  the  Administrators  group.  To  perform  all 
other  tasks  with  this  command,  you  must  be  a  member  of  the  Backup  Operators  or  the  Administrators  group, 
or  you  must  have  been  delegated  the  appropriate  permissions. 

You  must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt,  right-click 

Command  Prompt,  and  then  click  Run  as  administrator.) 

Subcommands 


SUBCOMMAND 

DESCRIPTION 

Wbadmin  enable  backup 

Configures  and  enables  a  regularly  scheduled  backup. 

Wbadmin  disable  backup 

Disables  your  daily  backups. 

Wbadmin  start  backup 

Runs  a  one-time  backup.  If  used  with  no  parameters,  uses 
the  settings  from  the  daily  backup  schedule. 

Wbadmin  stop  job 

Stops  the  currently  running  backup  or  recovery  operation. 

Wbadmin  get  versions 

Lists  details  of  backups  recoverable  from  the  local  computer 
or,  if  another  location  is  specified,  from  another  computer. 

Wbadmin  get  items 

Lists  the  items  included  in  a  backup. 

Wbadmin  start  recovery 

Runs  a  recovery  of  the  volumes,  applications,  files,  or  folders 
specified. 

Wbadmin  get  status 

Shows  the  status  of  the  currently  running  backup  or 
recovery  operation. 

Wbadmin  get  disks 

Lists  disks  that  are  currently  online. 

Wbadmin  start  systemstaterecovery 

Runs  a  system  state  recovery. 

Wbadmin  start  systemstatebackup 

Runs  a  system  state  backup. 

Wbadmin  delete  systemstatebackup 

Deletes  one  or  more  system  state  backups. 

Wbadmin  start  sysrecovery 

Runs  a  recovery  of  the  full  system  (at  least  all  the  volumes 
that  contain  the  operating  system's  state).  This  subcommand 
is  only  available  if  you  are  using  the  Windows  Recovery 
Environment. 

SUBCOMMAND 


DESCRIPTION 


Wbadmin  restore  catalog 

Recovers  a  backup  catalog  from  a  specified  storage  location 
in  the  case  where  the  backup  catalog  on  the  local  computer 
has  been  corrupted. 

Wbadmin  delete  catalog 

Deletes  the  backup  catalog  on  the  local  computer.  Use  this 
subcommand  only  if  the  backup  catalog  on  this  computer  is 
corrupted  and  you  have  no  backups  stored  at  another 
location  that  you  can  use  to  restore  the  catalog. 

Additional  references 

•  Backup  and  Recovery 

•  Windows  Server  Backup  Cmdlets  in  Windows  PowerShell 


wbadmin  enable  backup 

4/1 3/2018  •  7  min  to  read  •  Edit  Online 


Creates  and  enables  a  daily  backup  schedule  or  modifies  an  existing  backup  schedule.  With  no  parameters 
specified,  it  displays  the  currently  scheduled  backup  settings. 

To  configure  or  modify  a  daily  backup  schedule,  you  must  be  a  member  of  either  the  Administrators  or  Backup 
Operators  group.  In  addition,  you  must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated 
command  prompt  right-click  Command  Prompt  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 

Syntax 

Syntax  for  Windows  Server  2008: 

wbadmin  enable  backup 
[-addtanget : <BackupTargetDisk>] 

[ -removetarget : <BackupTargetDisk>] 

[-schedule: <TimeToRunBackup>] 

[-include: <VolumesToInclude>] 

[-allCritical] 

[-quiet] 


Syntax  for  Windows  Server  2008  R2: 

wbadmin  enable  backup 
[-addtanget : <BackupTarget>] 

[-removetarget : <BackupTarget>] 

[-schedule: <TimeToRunBackup>] 

[-include: <VolumesToInclude>] 

[-nonRecurselnclude: <ItemsToInclude>] 

[-exclude: < It emsToExclude>] 

[-nonRecurseExclude: <ItemsToExclude>] [-systemState] 
[-allCritical] 

[-vssFull  |  -vssCopy] 

[-user:<UserName>] 

[-password : <Password>] 

[ -quiet] 


Syntax  for  Windows  Server  2012  and  Windows  Server  2012  R2: 


wbadmin  enable  backup 
[ -addtanget : <BackupTarget>] 

[-removetarget : <BackupTarget>] 

[-schedule: <TimeToRunBackup>] 

[-include: <VolumesToInclude>] 

[-nonRecurselnclude: <ItemsToInclude>] 

[-exclude: < It emsToExclude>] 

[-nonRecunseExclude: <ItemsToExclude>] [-systemState] 
[-hyperv: <HyperVComponentsToExclude>] 

[-allCritical] 

[-systemState] 

[-vssFull  |  -vssCopy] 

[-user : <UserName>] 

[-password :< Pas sword >] 

[-quiet] 

[-allowDeleteOldBackups] 


Parameters 

PARAMETER  DESCRIPTION 

-addtarget  For  Windows  Server  2008,  specifies  the  storage  location  for 

backups.  Requires  you  to  specify  a  destination  for  backups  as 
a  disk  identifier  (see  Remarks).  The  disk  is  formatted  before 
use,  and  any  existing  data  on  it  is  permanently  erased. 

For  Windows  Server  2008  R2  and  later,  Specifies  the  storage 
location  for  backups.  Requires  you  to  specify  the  location  as  a 
disk,  volume,  or  Universal  Naming  Convention  (UNC)  path  to 
a  remote  shared  folder  (\\<servername>  <sharename>).  By 
default,  the  backup  will  be  saved  at: 

W<sharename>\WindowslmageBackup<ComputerBackedUp 
>.  If  you  specify  a  disk,  the  disk  will  be  formatted  before  use, 
and  any  existing  data  on  it  is  permanently  erased.  If  you 
specify  a  shared  folder,  you  cannot  add  more  locations.  You 
can  only  specify  one  shared  folder  as  a  storage  location  at  a 
time. 

Important:  If  you  save  a  backup  to  a  remote  shared  folder, 
that  backup  will  be  overwritten  if  you  use  the  same  folder  to 
back  up  the  same  computer  again.  In  addition,  if  the  backup 
operation  fails,  you  may  end  up  with  no  backup  because  the 
older  backup  will  be  overwritten,  but  the  newer  backup  will 
not  be  usable.  You  can  avoid  this  by  creating  subfolders  in  the 
remote  shared  folder  to  organize  your  backups.  If  you  do  this, 
the  subfolders  will  need  twice  the  space  of  the  parent  folder. 
Only  one  location  can  be  specified  in  a  single  command. 
Multiple  volume  and  disk  backup  storage  locations  can  be 
added  by  running  the  command  again. 


-removetarget  Specifies  the  storage  location  that  you  want  to  remove  from 

the  existing  backup  schedule.  Requires  you  to  specify  the 
location  as  a  disk  identifier  (see  Remarks). 


-schedule 


Specifies  times  of  day  to  create  a  backup,  formatted  as 
HH:MM  and  comma  delimited. 


PARAMETER 


DESCRIPTION 


-include  For  Windows  Server  2008,  specifies  the  comma-delimited  list 

of  volume  drive  letters,  volume  mount  points,  or  GUID-based 
volume  names  to  include  in  the  backup. 

For  Windows  Server  2008  R2and  later,  Specifies  the  comma- 
delimited  list  of  items  to  include  in  the  backup.  You  can  include 
multiple  files,  folders,  or  volumes.  Volume  paths  can  be 
specified  using  volume  drive  letters,  volume  mount  points,  or 
GUID-based  volume  names.  If  you  use  a  GUID-based  volume 
name,  it  should  be  terminated  with  a  backslash  ().  You  can  use 
the  wildcard  character  (*)  in  the  file  name  when  specifying  a 
path  to  a  file. 


-nonFtecurselnclude  For  Windows  Server  2008  R2  and  later,  specifies  the  non¬ 

recursive,  comma-delimited  list  of  items  to  include  in  the 
backup.  You  can  include  multiple  files,  folders,  or  volumes. 
Volume  paths  can  be  specified  using  volume  drive  letters, 
volume  mount  points,  or  GUID-based  volume  names.  If  you 
use  a  GUID-based  volume  name,  it  should  be  terminated  with 
a  backslash  ().  You  can  use  the  wildcard  character  (*)  in  the  file 
name  when  specifying  a  path  to  a  file.  Should  be  used  only 
when  the  -backupTarget  parameter  is  used. 


-exclude  For  Windows  Server  2008  R2  and  later,  specifies  the  comma- 

delimited  list  of  items  to  exclude  from  the  backup.  You  can 
exclude  files,  folders,  or  volumes.  Volume  paths  can  be 
specified  using  volume  drive  letters,  volume  mount  points,  or 
GUID-based  volume  names.  If  you  use  a  GUID-based  volume 
name,  it  should  be  terminated  with  a  backslash  ().  You  can  use 
the  wildcard  character  (*)  in  the  file  name  when  specifying  a 
path  to  a  file. 


-nonRecurseExclude  For  Windows  Server  2008  R2  and  later,  specifies  the  non¬ 

recursive,  comma-delimited  list  of  items  to  exclude  from  the 
backup.  You  can  exclude  files,  folders,  or  volumes.  Volume 
paths  can  be  specified  using  volume  drive  letters,  volume 
mount  points,  or  GUID-based  volume  names.  If  you  use  a 
GUID-based  volume  name,  it  should  be  terminated  with  a 
backslash  0-  You  can  use  the  wildcard  character  (*)  in  the  file 
name  when  specifying  a  path  to  a  file. 


-hyperv  Specifies  the  comma-delimited  list  of  components  to  be 

included  in  backup.  The  identifier  could  be  a  component  name 
or  component  GUID  (with  or  without  braces). 


-systemState  For  Windows°7  and  Windows  Server  2008  Ft2  and  later, 

creates  a  backup  that  includes  the  system  state  in  addition  to 
any  other  items  that  you  specified  with  the  -include 
parameter.  The  system  state  contains  boot  files  (Boot.ini, 
NDTLDR,  NTDetect.com),  the  Windows  Registry  including 
COM  settings,  the  SYSVOL  (Group  Policies  and  Logon  Scripts), 
the  Active  Directory  and  NTDS.DIT  on  domain  controllers  and, 
if  the  certificates  service  is  installed,  the  Certificate  Store.  If 
your  server  has  the  Web  server  role  installed,  the  IIS 
Metadirectory  will  be  included.  If  the  server  is  part  of  a  cluster, 
Cluster  service  information  is  also  included. 


PARAMETER  DESCRIPTION 

-allCritical  Specifies  that  all  critical  volumes  (volumes  that  contain 

operating  system's  state)  be  included  in  the  backups.  This 
parameter  is  useful  if  you  are  creating  a  backup  for  full  system 
or  system  state  recovery.  It  should  be  used  only  when  - 
backupTarget  is  specified,  otherwise  the  command  will  fail.  Can 
be  used  with  the  -include  option. 

Tip:  The  target  volume  for  a  critical-volume  backup  can  be  a 
local  drive,  but  it  cannot  be  any  of  the  volumes  that  are 
included  in  the  backup. 


-vssFull  For  Windows  Server  2008  R2  and  later,  Performs  a  full  back  up 

using  the  Volume  Shadow  Copy  Service  (VSS).  All  files  are 
backed  up,  each  file's  history  is  updated  to  reflect  that  it  was 
backed  up,  and  the  logs  of  previous  backups  may  be 
truncated.  If  this  parameter  is  not  used  wbadmin  start  backup 
makes  a  copy  backup,  but  the  history  of  files  being  backed  up 
is  not  updated. 

Caution:  Do  not  use  this  parameter  if  you  are  using  a  product 
other  than  Windows  Server  Backup  to  back  up  applications 
that  are  on  the  volumes  included  in  the  current  backup.  Doing 
so  can  potentially  break  the  incremental,  differential,  or  other 
type  of  backups  that  the  other  backup  product  is  creating 
because  the  history  that  they  are  relying  on  to  determine  how 
much  data  to  backup  might  be  missing  and  they  might 
perform  a  full  backup  unnecessarily. 


-vssCopy  For  Windows  Server  2008  R2  and  later,  performs  a  copy 

backup  using  VSS.  All  files  are  backed  up  but  the  history  of 
the  files  being  backup  up  is  not  updated  so  you  preserve  the 
all  the  information  on  which  files  where  changed,  deleted,  and 
so  on,  as  well  as  any  application  log  files.  Using  this  type  of 
backup  does  not  affect  the  sequence  of  incremental  and 
differential  backups  that  might  happen  independent  of  this 
copy  backup.  This  is  the  default  value. 

Warning:  A  copy  backup  cannot  be  used  for  incremental  or 
differential  backups  or  restores. 


-user  For  Windows  Server  2008  R2  and  later,  specifies  the  user  with 

write  permission  to  the  backup  storage  destination  (if  it  is  a 
remote  shared  folder).  The  user  needs  to  be  a  member  of  the 
Administrators  group  or  Backup  Operators  group  on  the 
computer  that  is  getting  backed  up. 


-password  For  Windows  Server  2008  R2  and  later,  specifies  the  password 

for  the  user  name  provided  by  the  parameter  -user. 


-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


-allowDeleteOld  Backups 


Overwrites  any  backups  made  before  the  computer  was 
upgraded. 


Remarks 

To  view  the  disk  identifier  value  for  your  disks,  type  wbadmin  get  disks. 


Examples 


The  following  examples  show  how  the  wbadmin  enable  backup  command  can  be  used  in  different  backup 
scenarios: 

Scenario  #1 

•  Schedule  backups  of  hard  disk  drives  e:,  d:\mountpoint,  and  \\?\Volume{cc566d14-44a0-1 1  d9-9d93- 
806e6f6e6963}\ 

•  Save  the  files  to  the  disk  Diskl  D 

•  Run  backups  daily  at  9:00  A.M.  and  6:00  P.M. 

wbadmin  enable  backup  -addtarget:DiskID  -schedule:09:00, 18:00  -include:e:  ,d :  \mountpoint, \\?\Volume{cc566dl4- 
44a0-lld9-9d93-806e6f6e6963}\ 

Scenario  #2 

•  Schedule  backups  of  the  folder  d:\documents  to  the  network  location  \\backupshare\backup1 

•  Use  the  network  credentials  for  the  backup  administrator  Aaren  Ekelund  (aekel),  who  is  a  member  of  the 
domain  CONTOSOEAST  to  authenticate  access  to  the  network  share.  Aaren's  password  is  $3hM9A5lp. 

•  Run  backups  daily  at  1 2:00  A.M.  and  7:00  P.M. 

wbadmin  enable  backup  -addtarget : \\backupshare\backupl  -include:  d:\documents  -user:CONTOSOEAST\aekel  - 
password : $3hM9A51p  -schedule: 00: 00, 19: 00 

Scenario  #3 

•  Schedule  backups  of  volume  t:  and  folder  d:\documents  to  the  drive  h:,  but  exclude  the  folder 
d:\documents~tmp 

•  Perform  a  full  backup  using  the  Volume  Shadow  Copy  Service. 

•  Run  backups  daily  at  1 :00  A.M. 

wbadmin  enable  backup  -addtarget :H:  -include  T: ,D: \documents  -exclude  D:\documents\~tmp  -vssfull  - 
schedule:01:00 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 


wbadmin  disable  backup 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Stops  running  the  existing  scheduled  daily  backups. 

To  disable  a  scheduled  daily  backup,  you  must  be  a  member  of  the  Administrators  group,  or  you  must  have  been 
delegated  the  appropriate  permissions.  In  addition,  you  must  run  wbadmin  from  an  elevated  command  prompt. 
(To  open  an  elevated  command  prompt  right-click  Command  Prompt  and  then  click  Run  as  administrator.) 

Syntax 

wbadmin  disable  backup 
[-quiet] 


Parameters 

PARAMETER  DESCRIPTION 


-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 


wbadmin  start  backup 

4/1 3/2018  •  7  min  to  read  •  Edit  Online 


Creates  a  backup  using  specified  parameters.  If  no  parameters  are  specified  and  you  have  created  a  scheduled 
daily  backup,  this  subcommand  creates  the  backup  by  using  the  settings  for  the  scheduled  backup.  If  parameters 
are  specified,  it  creates  a  Volume  Shadow  Copy  Service  (VSS)  copy  backup  and  will  not  update  the  history  of  the 
files  that  are  being  backed  up. 

To  create  a  one-time  backup  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or 
the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you  must 
run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click  Command 
Prompt  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 

Syntax 

Syntax  for  Windows°Vista  and  Windows  Server  2008: 

wbadmin  start  backup 

[-backupTarget:{<BackupTargetLocation>  |  <TargetNetworkShare>}] 

[-include: <VolumesToInclude>] 

[-allCritical] 

[-noVerify] 

[-user:<UserName>] 

[-password :< Pas sword >] 

[-noinheritAcl] 

[-vssFull] 

[-quiet] 


Syntax  for  Windows°7  and  Windows  Server  2008  R2  and  later: 

Wbadmin  start  backup 

[ -backupTarget : {<BackupTargetLocation>  |  <TargetNetworkShare>}] 
[-include: < It emsToInclude>] 

[-nonRecurselnclude: <ItemsToInclude>] 

[ -exclude : <ItemsToExclude>] 

[-nonRecurseExclude: <ItemsToExclude>] 

[-allCritical] 

[-systemState] 

[-noVerify] 

[-user:<UserName>] 

[-password :< Pas sword >] 

[-noinheritAcl] 

[-vssFull  |  -vssCopy] 

[-quiet] 


Parameters 


PARAMETER 


DESCRIPTION 


PARAMETER 

-backupTarget 


-include 


-exclude 


-nonRecurselnclude 


DESCRIPTION 

Specifies  the  storage  location  for  this  backup.  Requires  a  hard 
disk  drive  letter  (f:),  a  volume  GUID-based  path  in  the  format 
of  \\?\Volume{GUID},  or  a  Universal  Naming  Convention 
(UNC)  path  to  a  remote  shared  folder  (\\<servername> 
<sharename>).  By  default,  the  backup  will  be  saved  at: 
\\<sharenam  e>*WindowslmageBackup*\. 

Important:  If  you  save  a  backup  to  a  remote  shared  folder, 
that  backup  will  be  overwritten  if  you  use  the  same  folder  to 
back  up  the  same  computer  again.  In  addition,  if  the  backup 
operation  fails,  you  may  end  up  with  no  backup  because  the 
older  backup  will  be  overwritten,  but  the  newer  backup  will 
not  be  usable.  You  can  avoid  this  by  creating  subfolders  in  the 
remote  shared  folder  to  organize  your  backups.  If  you  do  this, 
the  subfolders  will  need  twice  the  space  as  the  parent  folder. 

For  Windows°Vista  and  Windows  Server  2008,  specifies  the 
comma-delimited  list  of  volume  drive  letters,  volume  mount 
points,  or  GUID-based  volume  names  to  include  in  the 
backup.  This  parameter  should  be  used  only  when  the  - 
backupTarget  parameter  is  used. 

For  Windows°7  and  Windows  Server  2008  R2  and  later, 
specifies  the  comma-delimited  list  of  items  to  include  in  the 
backup.  You  can  include  multiple  files,  folders,  or  volumes. 
Volume  paths  can  be  specified  using  volume  drive  letters, 
volume  mount  points,  or  GUID-based  volume  names.  If  you 
use  a  GUID-based  volume  name,  it  should  be  terminated  with 
a  backslash  ().  You  can  use  the  wildcard  character  (J  in  the  file 
name  when  specifying  a  path  to  a  file.  Should  be  used  only 
when  the  **-backupTarget *  parameter  is  used. 

For  Windows°7  and  Windows  Server  2008  R2  and  later, 
specifies  the  comma-delimited  list  of  items  to  exclude  from  the 
backup.  You  can  exclude  files,  folders,  or  volumes.  Volume 
paths  can  be  specified  using  volume  drive  letters,  volume 
mount  points,  or  GUID-based  volume  names.  If  you  use  a 
GUID-based  volume  name,  it  should  be  terminated  with  a 
backslash  0.  You  can  use  the  wildcard  character  0  in  the  file 
name  when  specifying  a  path  to  a  file.  Should  be  used  only 
when  the  **-backupTarget *  parameter  is  used. 

For  Windows°7  and  Windows  Server  2008  R2  and  later, 
specifies  the  non-recursive,  comma-delimited  list  of  items  to 
include  in  the  backup.  You  can  include  multiple  files,  folders,  or 
volumes.  Volume  paths  can  be  specified  using  volume  drive 
letters,  volume  mount  points,  or  GUID-based  volume  names. 

If  you  use  a  GUID-based  volume  name,  it  should  be 
terminated  with  a  backslash  ().  You  can  use  the  wildcard 
character  0  in  the  file  name  when  specifying  a  path  to  a  file. 
Should  be  used  only  when  the  **-backupTarget*  parameter  is 
used. 


PARAMETER 

-nonRecurseExclude 


-allCritical 


-systemState 


-noVerify 


-user 


-password 


-noInheritAcI 


DESCRIPTION 

For  Windows°7  and  Windows  Server  2008  F£  and  later, 
specifies  the  non-recursive,  comma-delimited  list  of  items  to 
exclude  from  the  backup.  You  can  exclude  files,  folders,  or 
volumes.  Volume  paths  can  be  specified  using  volume  drive 
letters,  volume  mount  points,  or  GUID-based  volume  names. 

If  you  use  a  GUID-based  volume  name,  it  should  be 
terminated  with  a  backslash  ().  You  can  use  the  wildcard 
character  0  in  the  file  name  when  specifying  a  path  to  a  file. 
Should  be  used  only  when  the  **-backupTarget*  parameter  is 
used. 

Specifies  that  all  critical  volumes  (volumes  that  contain 
operating  system's  state)  be  included  in  the  backups.  This 
parameter  is  useful  if  you  are  creating  a  backup  for  bare  metal 
recovery.  It  should  be  used  only  when  -backupTarget  is 
specified,  otherwise  the  command  will  fail.  Can  be  used  with 
the  -include  option. 

Tip:  The  target  volume  for  a  critical-volume  backup  can  be  a 
local  drive,  but  it  cannot  be  any  of  the  volumes  that  are 
included  in  the  backup. 

For  Windows°7  and  Windows  Server  2008  F£  and  later, 
creates  a  backup  that  includes  the  system  state  in  addition  to 
any  other  items  that  you  specified  with  the  -include 
parameter.  The  system  state  contains  boot  files  (Boot.ini, 
NDTLDR,  NTDetect.com),  the  Windows  Registry  including 
COM  settings,  the  SYSVOL  (Group  Policies  and  Logon  Scripts), 
the  Active  Directory  and  NTDS.DIT  on  Domain  Controllers 
and,  if  the  certificates  service  is  installed,  the  Certificate  Store. 
If  your  server  has  the  Web  server  role  installed,  the  IIS 
Metadirectory  will  be  included.  If  the  server  is  part  of  a  cluster, 
Cluster  Service  information  will  also  be  included. 

Specifies  that  backups  saved  to  removable  media  (such  as  a 
DVD)  are  not  verified  for  errors.  If  you  do  not  use  this 
parameter,  backups  saved  to  removable  media  are  verified  for 
errors. 

If  the  backup  is  saved  to  a  remote  shared  folder,  specifies  the 
user  name  with  write  permission  to  the  folder. 

Specifies  the  password  for  the  user  name  that  is  provided  by 
the  parameter  -user. 

Applies  the  access  control  list  (ACL)  permissions  that 
correspond  to  the  credentials  provided  by  the  -user  and  - 
password  parameters  to  \\<servername> 
<sharename>\WindowslmageBackup<ComputerBackedUp>\ 
(the  folder  that  contains  the  backup).  To  access  the  backup 
later,  you  must  use  these  credentials  or  be  a  member  of  the 
Administrators  group  or  the  Backup  Operators  group  on  the 
computer  with  the  shared  folder  If  -noInheritAcI  is  not  used, 
the  ACL  permissions  from  the  remote  shared  folder  are 
applied  to  the  <ComputerBackedUp>  folder  by  default  so 
that  anyone  with  access  to  the  remote  shared  folder  can 
access  the  backup. 


PARAMETER 


DESCRIPTION 


-vssFull  Performs  a  full  back  up  using  the  Volume  Shadow  Copy 

Service  (VSS).  All  files  are  backed  up,  each  file's  history  is 
updated  to  reflect  that  it  was  backed  up,  and  the  logs  of 
previous  backups  may  be  truncated.  If  this  parameter  is  not 
used  wbadmin  start  backup  makes  a  copy  backup,  but  the 
history  of  files  being  backed  up  is  not  updated. 

Caution:  Do  not  use  this  parameter  if  you  are  using  a  product 
other  than  Windows  Server  Backup  to  back  up  applications 
that  are  on  the  volumes  included  in  the  current  backup.  Doing 
so  can  potentially  break  the  incremental,  differential,  or  other 
type  of  backups  that  the  other  backup  product  is  creating 
because  the  history  that  they  are  relying  on  to  determine  how 
much  data  to  backup  might  be  missing  and  they  might 
perform  a  full  backup  unnecessarily. 


-vssCopy  For  Windows  7  and  Windows  Server  2008  R2  and  later, 

performs  a  copy  backup  using  VSS.  All  files  are  backed  up  but 
the  history  of  the  files  being  backup  up  is  not  updated  so  you 
preserve  the  all  the  information  on  which  files  where  changed, 
deleted,  and  so  on,  as  well  as  any  application  log  files.  Using 
this  type  of  backup  does  not  affect  the  sequence  of 
incremental  and  differential  backups  that  might  happen 
independent  of  this  copy  backup.  This  is  the  default  value. 
Warning:  A  copy  backup  cannot  be  used  for  incremental  or 
differential  backups  or  restores. 


-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


Examples 

The  following  examples  show  how  the  wbadmin  start  backup  command  can  be  used  in  different  backup 
scenarios: 

Scenario  #1 

•  Create  a  backup  of  volumes  e:,  d:\mountpoint,  and  \\?\Volume{cc566d  14-441 0-1 1d9-9d93-806e6f6e6963} 

•  Save  the  backup  to  volume  f: 

wbadmin  start  backup  -backupTarget:f :  -include:e: ,d : \mountpoint, \\?\Volume{cc566dl4-44a0-lld9-9d93- 
806e6f6e6963}\ 

Scenario  #2 

•  Perform  a  one-time  backup  of  f:\folder1  and  h:\folder2  to  volume  d:. 

•  Backup  the  system  state 

•  Make  a  copy  backup  so  that  the  normally  scheduled  differential  backup  is  not  impacted. 

wbadmin  start  backup  -backupTarget : d :  -include rgXfolderl, h:\folder2  -systemstate  -vsscopy  Scenario  #3 

•  Perform  a  one-time  backup  of  d:\folder1  that  should  be  backed  up  non-recursively. 

•  Backup  the  folder  to  the  network  location  \\backupshare\backup  1 

•  Restrict  access  to  the  backup  to  members  of  the  Administrators  or  Backup  Operators  group, 
wbadmin  start  backup  -backupTarget:  \\backupshare\backupl  -noinheritacl  -nonrecurseinclude:d:\folderl 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 


wbadmin  stop  job 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Cancels  the  backup  or  recovery  operation  that  is  currently  running.  Canceled  operations  cannot  be  restarted — you 
must  rerun  a  canceled  backup  or  recovery  operation  from  the  beginning. 

To  stop  a  backup  or  recovery  operation  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators 
group  or  the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  authority.  In  addition,  you 
must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click 

Command  Prompt  and  then  click  Run  as  administrator.) 

Syntax 

wbadmin  stop  job 
[-quiet] 


Parameters 

PARAMETER  DESCRIPTION 


-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 


wbadmin  get  versions 

4/1 3/2018  *1  min  to  read  •  Edit  Online 


Lists  details  about  the  available  backups  that  are  stored  on  the  local  computer  or  another  computer.  When  this 
subcommand  is  used  without  parameters,  it  lists  all  backups  of  the  local  computer,  even  if  those  backups  are  not 
available.  The  details  provided  for  a  backup  include  the  backup  time,  the  backup  storage  location,  the  version 
identifier  (needed  for  the  wbadmin  get  items  subcommand  and  to  perform  recoveries),  and  the  type  of 
recoveries  you  can  perform. 

To  get  details  about  available  backups  using  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators 
group  or  the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition, 
you  must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  Command 
Prompt  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 

Syntax 

wbadmin  get  versions 

[-backupTarget : {<BackupTargetLocation>  |  <NetworkSharePath>}] 

[  -  machine : BackupMachineName] 


Parameters 

PARAMETER  DESCRIPTION 

-backupTarget  Specifies  the  storage  location  that  contains  the  backups  that 

you  want  the  details  for.  Use  for  listing  backups  stored  at  that 
target  location.  Backup  target  locations  can  be  locally  attached 
disk  drives,  volumes,  remote  shared  folders,  removable  media 
such  as  DVD  drives  or  other  optical  media.  If  wbadmin  get 
versions  is  run  on  the  same  computer  where  the  backup  was 
created,  this  parameter  is  not  needed.  However,  this 
parameter  is  required  to  get  information  about  a  backup 
created  from  another  computer. 


-machine  Specifies  the  computer  that  you  want  backup  details  for.  Use 

when  backups  of  multiple  computers  are  stored  in  the  same 
location.  Should  be  used  when  -backupTarget  is  specified. 


Remarks 

To  list  items  available  for  recovery  from  a  specific  backup,  use  wbadmin  get  items. 

Examples 

To  see  a  list  of  available  backups  that  are  stored  on  volume  h,  type: 
wbadmin  get  versions  -backupTarget : h : 


To  see  a  list  of  available  backups  that  are  stored  in  the  remote  shared  folder  \\servername\share  for  the  computer 
serverOI,  type: 


wbadmin  get  versions  -backupTarget : \\servername\share  -machine :server01 


Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Get-WBBackupTarget  cmdlet 


wbadmin  get  items 

4/13/2018  •  1  min  to  read  •  Edit  Online 

Lists  the  items  included  in  a  specific  backup. 

To  use  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or  the  Administrators  group, 
or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you  must  run  wbadmin  from  an 
elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click  Command  Prompt  and  then  click 

Run  as  administrator.) 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 

Syntax 

wbadmin  get  items 

-version : cVersionldentif ier> 

[ -backupTarget : {<BackupDestinationVolume> 

[ -machine: <BackupMachineName>] 

|  <NetworkSharePath>}] 

Parameters 

PARAMETER 

DESCRIPTION 

-version 

Specifies  the  version  of  the  backup  in  MM/DD/YYYY-HH:MM 
format.  If  you  do  not  know  the  version  information,  type 

wbadmin  get  versions. 

-backupTarget 

Specifies  the  storage  location  that  contains  the  backups  for 
which  you  want  the  details.  Use  for  listing  backups  stored  at 
that  target  location.  Backup  target  locations  can  be  a  locally 
attached  disk  drive  or  a  remote  shared  folder.  If  wbadmin  get 
itemsis  run  on  the  same  computer  where  the  backup  was 
created,  this  parameter  is  not  needed.  However,  this 
parameter  is  required  to  get  information  about  a  backup 
created  from  another  computer. 

-machine 

Specifies  the  name  of  the  computer  that  you  want  the  backup 
details  for.  Useful  when  multiple  computers  have  been  backed 
up  to  the  same  location.  Should  be  used  when  - 

backupTarget  is  specified. 

Examples 

To  list  items  from  the  backup  that  was  run  on 

March  31, 2013  at  9:00  A. M.,  type: 

wbadmin  get  items  -version: 03/31/2013-09: 00 

To  list  items  from  the  backup  of  serverOI  that  was  run  on  April  30,  201 3  at  9:00  A.M.  and  stored  on 
\\servername\share,  type: 


wbadmin  get  items  -version:04/30/2013-09:00  -backupTanget : \\servername\share  -machine:server01 


Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Get-WBBackupSet  cmdlet 


wbadmin  start  recovery 

4/1 3/2018  •  5  min  to  read  •  Edit  Online 


Runs  a  recovery  operation  based  on  the  parameters  that  you  specify. 

To  perform  a  recovery  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or  the 
Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you  must  run 
wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt,  click  Start,  right-click 

Command  Prompt,  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 


Syntax 


wbadmin  start  recovery 

-version : cVersionldentif ier> 

-items : {<VolumesToRecover>  |  <AppsToRecover> 
-itemtype: {Volume  |  App  |  File} 

|  <FilesOrFoldersToRecover>} 

[-backupTarget : {<VolumeHostingBackup>  |  <NetworkShareHostingBackup>}] 

[-machine: <BackupMachineName>] 

[-recoveryTarget : {<TargetVolumeForRecovery>  | 
[-recursive] 

[-overwrite: {Overwrite  |  CreateCopy  |  Skip}] 
[-notRestoreAcl] 

[-skipBadClusterCheck] 

[-noRollForward] 

[-quiet] 

<TargetPathForRecovery>}] 

Parameters 

PARAMETER  DESCRIPTION 

-version  Specifies  the  version  identifier  of  the  backup  to  recover  in 

MM/DD/YYYY-HH:MM  format.  If  you  do  not  know  the 
version  identifier,  type  wbadmin  get  versions. 


-items  Specifies  a  comma-delimited  list  of  volumes,  applications,  files, 

or  folders  to  recover. 

-  If  -itemtype  is  Volume,  you  can  specify  only  a  single 
volume — by  providing  the  volume  drive  letter,  volume  mount 
point,  or  GUID-based  volume  name. 

-  If  -itemtype  is  App,  you  can  specify  only  a  single 
application.  To  be  recovered,  the  application  must  have 
registered  with  Windows  Server  Backup.  You  can  also  use  the 
value  ADIFM  to  recover  an  installation  of  Active  Directory.  See 
Remarks  in  for  more  information. 

-  If  -itemtype  is  File,  you  can  specify  files  or  folders,  but  they 
should  be  part  of  the  same  volume  and  they  should  be  under 
the  same  parent  folder. 


-itemtype  Specifies  type  of  items  to  recover.  Must  be  Volume,  App,  or 

File. 


PARAMETER 


DESCRIPTION 


-backupTarget 

Specifies  the  storage  location  that  contains  the  backup  that 
you  want  to  recover.  This  parameter  is  useful  when  the 
location  is  different  from  where  backups  of  this  computer  are 
usually  stored. 

-machine 

Specifies  the  name  of  the  computer  that  you  want  to  recover 
the  backup  for.  This  parameter  is  useful  when  multiple 
computers  have  been  backed  up  to  the  same  location.  It 
should  be  used  when  the  -backupTarget  parameter  is 
specified. 

-recoveryTarget 

Specifies  the  location  to  restore  to.  This  parameter  is  useful  if 
this  location  is  different  than  the  location  that  was  previously 
backed  up.  It  can  also  be  used  for  restorations  of  volumes, 
files,  or  applications.  If  you  are  restoring  a  volume,  you  can 
specify  the  volume  drive  letter  of  the  alternate  volume,  if  you 
are  restoring  a  file  or  application,  you  can  specify  an  alternate 
recovery  location. 

-recursive 

Valid  only  when  recovering  files.  Recovers  the  files  in  the 
folders  and  all  files  subordinate  to  the  specified  folders.  By 
default,  only  files  which  reside  directly  in  the  specified  folders 
are  recovered. 

-overwrite 

Valid  only  when  recovering  files.  Specifies  the  action  to  take 
when  a  file  that  is  being  recovered  already  exists  in  the  same 
location. 

-  Skip  causes  Windows  Server  Backup  to  skip  the  existing  file 
and  continue  with  recovery  of  the  next  file. 

-  CreateCopy  causes  Windows  Server  Backup  to  create  a 
copy  of  the  existing  file  so  that  the  existing  file  is  not  modified. 

-  Overwrite  causes  Windows  Server  Backup  to  overwrite  the 
existing  file  with  the  file  from  the  backup. 

-notRestoreAcI 

Valid  only  when  recovering  files.  Specifies  to  not  restore  the 
security  access  control  lists  (ACLs)  of  the  files  being  recovered 
from  the  backup.  By  default,  the  security  ACLs  are  restored 
(the  default  value  is  true).  If  this  parameter  is  used,  the  ACLs 
for  the  restored  files  will  be  inherited  from  the  location  to 
which  the  files  are  being  restored. 

-skipBadClusterCheck 

Valid  only  when  recovering  volumes.  Skips  checking  the  disks 
that  you  are  recovering  to  for  bad  cluster  information.  If  you 
are  recovering  to  an  alternate  server  or  hardware,  we 
recommend  that  you  do  not  use  this  parameter.  You  can 
manually  run  the  command  chkdsk  /b  on  these  disks  at  any 
time  to  check  them  for  bad  clusters,  and  then  update  the  file 
system  information  accordingly. 

Important:  Until  you  run  chkdsk  as  described,  the  bad 
clusters  reported  on  your  recovered  system  may  not  be 

accurate. 

-noRollForward 

Valid  only  when  recovering  applications.  Allows  for  previous 
point-in-time  recovery  of  an  application  if  the  latest  version 
from  the  backups  is  selected.  For  other  versions  of  the 
application  that  are  not  the  latest,  previous  point-in-time 
recovery  is  done  as  the  default. 

PARAMETER 


DESCRIPTION 


-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


Remarks 

•  To  view  a  list  of  items  that  are  available  for  recovery  from  a  specific  backup  version,  use  wbadmin  get  items.  If 
a  volume  did  not  have  a  mount  point  or  drive  letter  at  the  time  of  backup,  then  this  subcommand  would  return 
a  GUID-based  volume  name  that  should  be  used  for  recovering  the  volume. 

•  When  the  -itemtype  is  App,  you  can  use  a  value  of  ADIFM  for  -item  to  perform  an  install  from  media 
operation  to  recover  all  the  related  data  needed  for  Active  Directory  Domain  Services.  ADIFM  creates  a  copy 
of  the  Active  Directory  database,  registry,  and  SYSVOL  state,  and  then  saves  this  information  in  the  location 
specified  by  -recoveryTarget.  Use  this  parameter  only  when  -recoveryTarget  is  specified. 


[ ! NOTE] 

Before  using  **wbadmin**  to  perform  an  install  from  media  operation,  you  should  consider  using  the 
**ntdsutil**  command  because  **ntdsutil**  only  copies  the  minimum  amount  of  data  needed,  and  it  uses  a  more 
secure  data  transport  method. 


Examples 

To  run  a  recovery  of  the  backup  from  March  31, 201 3,  taken  at  9:00  A.M.,  of  volume  d:,  type: 

wbadmin  start  recovery  -version: 03/31/2013-09: 00  -itemType:Volume  -items:d: 

To  run  a  recovery  to  drive  d  of  the  backup  from  March  31,  201 3,  taken  at  9:00  A.M.,  of  the  registry,  type: 

wbadmin  start  recovery  -version:03/31/2013-09:00  -itemType:App  -items : Registry  -recoverytarget:d:\ 

To  run  a  recovery  of  the  backup  from  March  31, 201 3,  taken  at  9:00  A.M.,  of  the  d:\folder  and  folders  subordinate 
to  d:\folder,  type: 

wbadmin  start  recovery  -version:03/31/2013-09:00  -itemType:File  -items:d:\folder  -recursive 

To  run  a  recovery  of  the  backup  from  March  31,  201 3,  taken  at  9:00  A.M.,  of  the  volume  \\?\Volume{cc5 66d  14- 
44a0-1 1  d9-9d93-806e6f6e6963},  type: 

wbadmin  start  recovery  -version:03/31/2013-09:00  -itemType:Volume 
-items :  \\?\Volume{cc566dl4-44a0-lld9-9d93-806e6f6e6963}\ 

To  run  a  recovery  of  the  backup  from  April  30,  201 3,  taken  at  9:00  A.M.,  of  the  shared  folder  \\servername\share 
from  serverOI,  type: 

wbadmin  start  recovery  -version:04/30/2013-09:00  -backupTarget : \\servername\share  -machine:server01 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Start-WBFileRecovery  cmdlet 


Start-WBHyperVRecovery  cmdlet 
Start-WB  System  State  Recovery  cmdlet 
Start-WBVoiumeRecovery  cmdlet 


wbadmin  get  status 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Reports  the  status  of  the  backup  or  recovery  operation  that  is  currently  running. 

To  use  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or  the  Administrators  group, 
or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you  must  run  wbadmin  from  an 
elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click  Command  Prompt,  and  then  click 

Run  as  administrator.) 

Syntax 

wbadmin  get  status 


Parameters 

This  subcommand  has  no  parameters. 

Remarks 

•  This  subcommand  will  not  stop  until  the  current  backup  or  recovery  operation  is  finished — the  subcommand 
will  continue  to  run  even  if  you  close  the  command  window. 

•  If  you  want  to  stop  the  current  backup  or  recovery  operation,  use  the  wbadmin  stop  job  subcommand. 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Get-WBJob  cmdlet 


wbadmin  get  disks 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Lists  the  internal  and  external  disks  that  are  currently  online  for  the  local  computer. 

To  list  the  disks  that  are  online  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or 
the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you  must 
run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click  Command 
Prompt,  and  then  click  Run  as  administrator.) 

Syntax 

wbadmin  get  disks 


Parameters 

This  subcommand  has  no  parameters. 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Get-WBDisk  cmdlet 


wbadmin  start  systemstaterecovery 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Performs  a  system  state  recovery  to  a  location  and  from  a  backup  that  you  specify. 


NOTE 

Windows  Server  Backup  does  not  back  up  or  recover  registry  user  hives  (HKEY_CURRENT_USER)  as  part  of  system  state 
backup  or  system  state  recovery. 


To  perform  a  system  state  recovery  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators 
group  or  the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition, 
you  must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click 

Command  Prompt,  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

Syntax  for  Windows  Server  2008: 

wbadmin  start  systemstaterecovery 
-version : cVersionldentif ier> 

-showsummary 

[-backupTarget : {<BackupDestinationVolume>  |  <NetworkSharePath>}] 

[-machine: <BackupMachineName>] 

[-recoveryTarget : <TargetPathForRecovery>] 

[-authsysvol] 

[-quiet] 


Syntax  for  Windows  Server  2008  R2  or  later: 

wbadmin  start  systemstaterecovery 
-version : cVersionldentif ier> 

-showsummary 

[ -backupTarget : {<BackupDestinationVolume>  |  <NetworkSharePath>}] 
[-machine: <BackupMachineName>] 

[-recoveryTarget : <TargetPathForRecovery>] 

[-authsysvol] 

[-autoReboot] 

[-quiet] 


Parameters 

PARAMETER  DESCRIPTION 


-version  Specifies  the  version  identifier  for  the  backup  to  recover  in 

MM/DD/YYYY-HH:MM  format.  If  you  do  not  know  the 
version  identifier,  type  wbadmin  get  versions. 


PARAMETER 


DESCRIPTION 


-showsummary 

Reports  the  summary  of  the  last  system  state  recovery  (after 
the  restart  required  to  complete  the  operation).  This 
parameter  cannot  be  accompanied  by  any  other  parameters. 

-backupTarget 

Specifies  the  storage  location  that  contains  the  backup  or 
backups  you  want  to  recover.  This  parameter  is  useful  when 
the  storage  location  is  different  from  where  the  backups  of 
this  computer  are  usually  stored. 

-machine 

Specifies  the  name  of  the  computer  that  you  want  to  recover. 
This  parameter  is  useful  when  multiple  computers  have  been 
backed  up  to  the  same  location.  Should  be  used  when  the  - 
backupTarget  parameter  is  specified. 

-recoveryTarget 

Specifies  the  directory  to  restore  to.  This  parameter  is  useful  if 
the  backup  is  restored  to  an  alternate  location. 

-authsysvol 

If  used,  performs  an  authoritative  restore  of  SYSVOL  (the 
System  Volume  shared  directory). 

-autoReboot 

Specifies  to  restart  the  system  at  the  end  of  the  system  state 
recovery  operation.  This  parameter  is  valid  only  for  a  recovery 
to  the  original  location.  We  do  not  recommend  you  use  this 
parameter  if  you  need  to  perform  steps  after  the  recovery 
operation. 

-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


Examples 

•  To  perform  a  system  state  recovery  of  the  backup  from  03/31/201 3  at  9:00  A.M.,  type: 

wbadmin  start  systemstaterecovery  -version:03/31/2013-09:00 

•  To  perform  a  system  state  recovery  of  the  backup  from  04/30/201 3  at  9:00  A. M.  that  is  stored  on  the  shared 
resource  \\servername\share  for  serverOI ,  type: 

wbadmin  start  systemstaterecovery  -version:04/30/2013-09:00  -backupTarget : \\servername\share  - 
machine :server01 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Start-WBSystemStateRecovery  cmdlet 


wbadmin  start  systemstatebackup 

4/1 3/2018  *1  min  to  read  •  Edit  Online 


Creates  a  system  state  backup  of  the  local  computer  and  stores  it  on  the  location  specified. 


NOTE 

Windows  Server  Backup  does  not  back  up  or  recover  registry  user  hives  (HKEY_CURRENT_USER)  as  part  of  system  state 
backup  or  system  state  recovery. 


To  perform  a  system  state  backup  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group 
or  the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you 
must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click 

Command  Prompt,  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 

Syntax 

wbadmin  start  systemstatebackup 
-backupTarget : <VolumeName> 

[-quiet] 


Parameters 

PARAMETER  DESCRIPTION 

-backupTarget  Specifies  the  location  where  you  want  to  store  the  backup.  The 

storage  location  requires  a  drive  letter  or  a  GUID-based 
volume  of  the  format:  \\?\Volume{Gl//D}. 

A  system  state  backup  to  a  shared  network  folder  is  not 
supported  on  a  computer  running  Windows  Server  2008.  If 
your  server  is  running  Windows  Server  2008  R2  or  later  you 
can  use  the  command  - 

backuptarget:\\servername\sharedFolder\  to  store 
system  state  backups. 


-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


Remarks 

For  information  about  saving  a  system  state  backup  to  a  volume  that,  in  turn,  contains  system  state  files,  see  article 
944530  in  the  Microsoft  Knowledge  Base  (https://go.microsoft.com/fwlink/?Linkld  =  1 10439). 

Examples 

To  create  a  system  state  backup  and  store  it  on  volume  f,  type: 
wbadmin  start  systemstatebackup  -backupTarget:f : 


Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Start-WBBackup  cmdlet 


wbadmin  delete  systemstatebackup 
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Deletes  the  system  state  backups  that  you  specify.  If  the  specified  volume  contains  backups  other  than  system  state 
backups  of  your  local  server,  those  backups  will  not  be  deleted. 


NOTE 

Windows  Server  Backup  does  not  back  up  or  recover  registry  user  hives  (HKEY_CURRENT_USER)  as  part  of  system  state 
backup  or  system  state  recovery. 


To  delete  a  system  state  backup  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group 
or  the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you 
must  run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click 

Command  Prompt,  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  command,  see  Examples. 


Syntax 


wbadmin  delete  systemstatebackup 

{-keepVersions:<NumberofCopies>  |  -version : <VersionIdentifier>  | 

-deleteOldest} 

[ -backupTarget : <VolumeName>] 

[ -machine: <BackupMachineName>] 

[ -quiet] 

IMPORTANT 

One  and  only  one  of  these  parameters  must  be  specified:  -keepVersions,  -version,  or  -deleteOldest. 


Parameters 

PARAMETER  DESCRIPTION 

-keepVersions  Specifies  the  number  of  the  latest  system  state  backups  to 

keep.  The  value  must  be  a  positive  integer.  The  parameter 
value  -keepVersions:0  deletes  all  the  system  state  backups. 


-version  Specifies  the  version  identifier  of  the  backup  in  MM/DD/YYYY- 

HH:MM  format.  If  you  do  not  know  the  version  identifier,  type 

wbadmin  get  versions. 

Versions  that  are  exclusively  system  state  backups  can  be 
deleted  using  this  command.  Use  wbadmin  get  items  to 
view  the  version  type. 


-deleteOldest 


Deletes  the  oldest  system  state  backup. 


PARAMETER 

DESCRIPTION 

-backupTarget 

Specifies  the  storage  location  for  the  backup  that  you  want  to 
delete.  The  storage  location  for  backups  of  disks  can  be  a  drive 
letter,  a  mount  point,  or  a  GUID-based  volume  path.  This 
value  only  needs  to  be  specified  for  locating  backups  that  are 
not  of  the  local  computer.  Information  about  backups  for  the 
local  computer  will  be  available  in  the  backup  catalog  on  the 
local  computer. 

-machine 

Specifies  the  computer  whose  system  state  backup  you  want 
to  delete.  Useful  when  multiple  computers  were  backed  up  to 
the  same  location.  Should  be  used  when  the  -backupTarget 
parameter  is  specified. 

-quiet 

Runs  the  subcommand  with  no  prompts  to  the  user. 

Examples 

To  delete  the  system  state  backup  created  on  March  31, 201 3  at  1 0:00  AM,  type: 

wbadmin  delete  systemstatebackup  -version:03/31/2013-10:00 

To  delete  all  system  state  backups,  except  the  three  most  recent,  type: 

wbadmin  delete  systemstatebackup  -keepVersions:3 

To  delete  the  oldest  system  state  backup  stored  on  disk  f,  type: 
wbadmin  delete  systemstatebackup  -backupTarget :f  -deleteOldest 


Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 


wbadmin  start  sysrecovery 
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Performs  a  system  recovery  (bare  metal  recovery)  using  the  parameters  that  you  specify. 


NOTE 

This  subcommand  can  be  run  only  from  the  Windows  Recovery  Environment,  and  it  is  not  listed  by  default  in  the  usage  text 
of  Wbadmin.  For  more  information,  see  Windows  Recovery  Environment  (Windows  RE)  Overview. 


To  perform  a  system  recovery  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or 
the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions. 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 

Syntax 

wbadmin  start  sysrecovery 
-version : cVersionldentif ier> 

-backupTarget : {<BackupDestinationVolume>  |  <NetworkShareHostingBackup>} 

[ -machine : <BackupMachineName>] 

[-restoreAHVolumes] 

[-recreateDisks] 

[-excludeDisks] 

[-skipBadClusterCheck] 

[-quiet] 


Parameters 

PARAMETER  DESCRIPTION 

-version  Specifies  the  version  identifier  for  the  backup  to  recover  in 

MM/DD/YYYY-HH:MM  format.  If  you  do  not  know  the 
version  identifier,  type  wbadmin  get  versions. 


-backupTarget  Specifies  the  storage  location  that  contains  the  backup  or 

backups  that  you  want  to  recover.  This  parameter  is  useful 
when  the  storage  location  is  different  from  where  backups  of 
this  computer  are  usually  stored. 


-machine  Specifies  the  name  of  the  computer  that  you  want  to  recover. 

This  parameter  is  useful  when  multiple  computers  have  been 
backed  up  to  the  same  location.  Should  be  used  when  the  - 
backupTarget  parameter  is  specified. 


-restoreANVolumes  Recovers  all  volumes  from  the  selected  backup.  If  this 

parameter  is  not  specified,  only  critical  volumes  (volumes  that 
contain  the  system  state  and  operating  system  components) 
are  recovered.  This  parameter  is  useful  when  you  need  to 
recover  non-critical  volumes  during  system  recovery. 


PARAMETER 


DESCRIPTION 


-recreateDisks 

Recovers  a  disk  configuration  to  the  state  that  existed  when 
the  backup  was  created. 

Warning:  This  parameter  deletes  all  data  on  volumes  that  host 
operating  system  components.  It  might  also  delete  data  from 
data  volumes. 

-excludeDisks 

Valid  only  when  specified  with  the  -recreateDisks  parameter 
and  must  be  input  as  a  comma-delimited  list  of  disk  identifiers 
(as  listed  in  the  output  of  wbadmin  get  disks).  Excluded  disks 
are  not  partitioned  or  formatted.  This  parameter  helps 
preserve  data  on  disks  that  you  do  not  want  modified  during 
the  recovery  operation. 

-skipBadClusterCheck 

Skips  checking  your  recovery  disks  for  bad  cluster  information. 
If  you  are  restoring  to  an  alternate  server  or  hardware,  we 
recommend  that  you  do  not  use  this  parameter.  You  can 
manually  run  chkdsk  /b  on  your  recovery  disks  at  any  time  to 
check  them  for  bad  clusters,  and  then  update  the  file  system 
information  accordingly. 

Warning:  Until  you  run  chkdsk  as  described,  the  bad  clusters 
reported  on  your  recovered  system  may  not  be  accurate. 

-quiet 


Runs  the  command  with  no  prompts  to  the  user. 


Examples 

To  start  recovering  the  information  from  the  backup  that  was  run  on  March  31, 201 3  at  9:00  A.M.,  located  on  drive 
d:,  type: 

wbadmin  start  sysrecovery  -version:03/31/2013-09:00  -backupTarget:d: 

To  start  recovering  the  information  from  the  backup  that  was  run  on  April  30,  201 3  at  9:00  A.M.,  located  in  the 
shared  folder  \\servername\shared:  for  serverOI ,  type: 

wbadmin  start  sysrecovery  -version:04/30/2013-09:00  -backupTarget : \\servername\share  -machine: server01 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Get-WBBareMetalRecovery  cmdlet 


wbadmin  restore  catalog 
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Recovers  a  backup  catalog  for  the  local  computer  from  a  storage  location  that  you  specify. 

To  recover  a  backup  catalog  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or 
the  Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you  must 
run  wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click  Command 
Prompt,  and  then  click  Run  as  administrator.) 

For  examples  of  how  to  use  this  subcommand,  see  Examples. 

Syntax 

wbadmin  restore  catalog 

-backupTarget : {<BackupDestinationVolume>  |  <NetworkShareHostingBackup>} 

[ -machine : <BackupMachineName>] 

[-quiet] 


Parameters 

PARAMETER  DESCRIPTION 


-backupTarget 


Specifies  the  location  of  the  backup  catalog  of  the  system  as  it 
was  at  the  point  after  the  backup  was  created. 


-machine  Specifies  the  name  of  the  computer  that  you  want  to  recover 

the  backup  catalog  for.  Use  when  backups  for  multiple 
computers  have  been  stored  at  the  same  location.  Should  be 
used  when  -backupTarget  is  specified. 


-quiet 


Runs  the  subcommand  with  no  prompts  to  the  user. 


Remarks 

If  the  location  (disk,  DVD,  or  remote  shared  folder)  where  you  store  your  backups  is  damaged  or  lost  and  cannot 
be  used  to  restore  the  backup  catalog,  use  wbadmin  delete  catalog  to  delete  the  corrupted  catalog.  In  this  case, 
you  should  create  a  new  backup  once  your  backup  catalog  is  deleted. 

Examples 

To  restore  a  catalog  from  a  backup  stored  on  disk  d:,  type: 
wbadmin  restore  catalog  -backupTarget:d 


To  restore  a  catalog  from  a  backup  stored  in  the  shared  folder  \\servername\share  of  serverOI ,  type: 

wbadmin  restore  catalog  -backupTarget:\\servername\share  -machine:server01 


Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Restore-WBCatalog  cmdlet 


wbadmin  delete  catalog 
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Deletes  the  backup  catalog  that  is  stored  on  the  local  computer.  Use  this  command  when  the  backup  catalog  has 
been  corrupted  and  you  cannot  restore  it  using  wbadmin  restore  catalog. 

To  delete  a  backup  catalog  with  this  subcommand,  you  must  be  a  member  of  the  Backup  Operators  group  or  the 
Administrators  group,  or  you  must  have  been  delegated  the  appropriate  permissions.  In  addition,  you  must  run 
wbadmin  from  an  elevated  command  prompt.  (To  open  an  elevated  command  prompt  right-click  Command 
Prompt,  and  then  click  Run  as  administrator.) 

Syntax 

wbadmin  delete  catalog 
[-quiet] 


Parameters 

PARAMETER  DESCRIPTION 

-quiet  Runs  the  subcommand  with  no  prompts  to  the  user. 

Remarks 

If  you  delete  the  backup  catalog  for  a  computer,  you  will  not  be  able  to  access  the  backups  created  of  that  computer 
using  the  Windows  Server  Backup  snap-in.  In  this  case,  if  you  can  access  another  backup  location,  use  wbadmin 
restore  catalog  to  restore  the  backup  catalog  from  that  location.  You  should  create  a  new  backup  once  your 
backup  catalog  is  deleted. 

Additional  references 

•  Command-Line  Syntax  Key 

•  Wbadmin 

•  Remove-WBCatalog 


wdsutil 
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Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

wdsutil  is  a  command-line  utility  used  for  managing  your  Windows  Deployment  Services  server.  To  run  these 
commands,  click  start,  right-click  Command  prompt,  and  click  Run  as  administrator. 

Commands 


COMMAND 

DESCRIPTION 

Using  the  add  Command 

adds  objects  or  prestages  computers. 

Using  the  Approve- Autoadd  Devices  Command 

Approves  computers  that  are  pending  administrator  approval. 

Using  the  convert- Riprepl mage  Command 

converts  an  existing  remote  Installation  Preparation  (RIPrep) 
image  to  a  Windows  Image  (.wim)  file. 

Using  the  copy  Command 

Copies  an  image  or  a  driver  group. 

Using  the  delete-  Autoadd  Devices  Command 

deletes  computers  that  are  in  the  Auto-add  database  (which 
stores  information  about  the  computers  on  the  server). 

Using  the  Disable  Command 

Disables  all  services  for  Windows  Deployment  Services. 

Using  the  Disconnect-Client  Command 

Disconnects  a  client  from  a  multicast  transmission  or 

namespace. 

Using  the  Enable  Command 

Enables  all  services  for  Windows  Deployment  Services. 

Using  the  Export-Image  Command 

Exports  an  image  from  the  image  store  to  a  .wim  file. 

Using  The  get  Command 

Retrieves  properties  and  attributes  about  the  specified  object. 

Using  the  Initialize- Server  Command 

Configures  a  Windows  Deployment  Services  server  for  initial 

use. 

Using  the  New  Command 

creates  new  capture  and  discover  images  as  well  as  multicast 
transmissions  and  namespaces. 

The  progress  Command 

Displays  the  progress  status  while  a  command  is  being 
executed. 

Using  The  Reject- Autoadd  Devices  Command 

Rejects  computers  that  are  pending  administrator  approval. 

Using  the  remove  Command 

removes  objects. 

COMMAND 


DESCRIPTION 


Using  the  replace-lmage  Command 

replaces  a  boot  or  installation  image  with  a  new  version  of 
that  image. 

The  Set  Command 

Sets  properties  and  attributes  on  the  specified  object. 

The  start  Server  Command 

starts  all  services  on  the  Windows  Deployment  Services 
server,  including  multicast  transmissions,  namespaces,  and  the 
Transport  Server. 

The  Stop  Server  Command 

Stops  all  services  on  the  Windows  Deployment  Services  server. 

The  uninitialize- Server  Option 

reverts  changes  made  during  server  initialization. 

The  Update- ServerFiles  Command 

Updates  server  files  on  the  remotelnstall  share. 

The  verbose  Command 

Displays  verbose  output  for  the  specified  command. 

wecutil 
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Enables  you  to  create  and  manage  subscriptions  to  events  that  are  forwarded  from  remote  computers,  which 
support  WS-Management  protocol.  For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

wecutil  [{es  |  enum-subscription}] 

[{gs  |  get-subscription}  <Subid>  [/f :<Format>]  [/uni:<Unicode>]] 

[{gr  |  get-subscriptionruntimestatus}  <Subid>  [<Eventsource>  ...]] 

[{ss  |  set-subscription}  [<Subid>  [/e: [<Subenabled>] ]  [/esa:<Address>]  [/ese: [<Srcenabled>] ]  [/aes]  [/res] 

[/un : <Username>]  [/up:<Password>]  [/d:<Desc>]  [/uri:<Uri>]  [/cm:<Configmode>]  [/ex:<Expires>]  [/q:<Query>] 
[/dia : <Dialect>]  [/tn:<Transportname>]  [/tp:<Transportport>]  [/dm:<Deliverymode>]  [/dmi : <Deliverymax>]  [/dmlt: 
<Deliverytime>]  [/hi : <Heartbeat>]  [/cf :<Content>]  [/l:<Locale>]  [/ree : [<Readexist>] ]  [/If :<Logfile>]  [/pn: 
<Publishername>]  [/essp:<Enableport>]  [/hn : <Hostname>]  [/ct : <Type>] ]  [/c:<Configfile>  [/cun : <Username>  /cup: 
<Password>] ] ] 

[{cs  |  create-subscription}  <Configfile>  [/cun:<Username>  /cup:<Password>] ] 

[{ds  |  delete-subscription}  <Subid>] 

[{rs  |  retry-subscription}  <Subid>  [<Eventsource>.„] ] 

[{qc  |  quick-config}  [/q : [<Quiet>] ] ] . 


Parameters 


PARAMETER 

DESCRIPTION 

{es 

enum-subscription} 

{gs 

get-subscription}  <Subid>  [/f:]  [/uni:] 

{gr 

get-subscriptionruntimestatus}  <Subid>  [ ...] 

{ss 

set-subscription}  <Subid>  [/e:[]]  [/esa: 

]  [/ese:0]  [/aes]  [/res]  [/un:]  [/up:]  [/d:]  [/uri:]  [/cm:]  [/ex:]  [/q:] 
[/dia:]  [/tn:]  [/tp:]  [/dm:]  [/dmi:]  [/dmlt:]  [/hi:]  [/cf:]  [/l:]  [/ree:Q] 
[/If:]  [/pn:]  [/essp:]  [/hn:]  [/ct:] 

or 

[ss 

{cs 

create-subscription}  <Configfile>  [/cun: /cup:] 

{ds 

delete-subscription}  <Subid> 

{rs 

retry-subscription}  <Subid>  [...] 

{qc 

quick-config}  [/q:[< Quiet>]] 

Options 


OPTION 


DESCRIPTION 


/f:<  Format  > 

Specifies  the  format  of  the  information  that  is  displayed. 
<Format>  can  be  XML  or  Terse.  If  is  XML,  the  output  is 
displayed  in  XML  format.  If  is  Terse,  the  output  is  displayed  in 
name-value  pairs.  The  default  is  Terse. 

/c:<  Configfile> 

Specifies  the  path  to  the  XML  file  that  contains  a  subscription 
configuration.  The  path  can  be  absolute  or  relative  to  the 
current  directory.  This  option  can  only  be  used  with  the  /cun 
and  /cup  options  and  is  mutually  exclusive  with  all  other 
options. 

/e:[<Subenabled>] 

Enables  or  disables  a  subscription.  <Subenabled>  can  be  true 
or  false.  The  default  value  of  this  option  is  true. 

/esa:<Address> 

Specifies  the  address  of  an  event  source.  <Address>  is  a  string 
that  contains  a  fully  qualified  domain  name,  a  NetBIOS  name, 
or  an  IP  address,  which  identifies  a  computer  that  serves  as  a 
source  of  events.  This  option  should  be  used  with  the  /ese, 
/aes,  /res,  or  /un  and  /up  options. 

/ese:[<  Srcenabled  >] 

Enables  or  disables  an  event  source.  <Srcenabled>  can  be  true 
or  false.  This  option  is  allowed  only  if  the  /esa  option  is 
specified.  The  default  value  of  this  option  is  true. 

/aes 

Adds  the  event  source  that  is  specified  by  the  /esa  option  if  it 
is  not  already  a  part  of  the  subscription.  If  the  address 
specified  by  the  /esa  option  is  already  a  part  of  the 
subscription,  an  error  is  reported.  This  option  is  only  allowed  if 
the  /esa  option  is  specified. 

/res 

Removes  the  event  source  that  is  specified  by  the  /esa  option 
if  it  is  already  a  part  of  the  subscription.  If  the  address 
specified  by  the  /esa  option  is  not  a  part  of  the  subscription, 
an  error  is  reported.  This  option  is  only  allowed  if  /esa  option 
is  specified. 

/un:<Username> 

Specifies  the  user  credential  to  use  with  the  event  source 
specified  by  the  /esa  option.  This  option  is  only  allowed  if  the 
/esa  option  is  specified. 

/up:<  Password  > 

Specifies  the  password  that  corresponds  to  the  user  credential. 
This  option  is  only  allowed  if  the/un  option  is  specified. 

/d:<Desc> 

Provides  a  description  for  the  subscription. 

/uri:<Uri> 

Specifies  the  type  of  the  events  that  are  consumed  by  the 
subscription.  <Uri>  contains  a  URI  string  that  is  combined 
with  the  address  of  the  event  source  computer  to  uniquely 
identify  the  source  of  the  events.  The  URI  string  is  used  for  all 
event  source  addresses  in  the  subscription. 

OPTION 


DESCRIPTION 


/cm:<Configmode> 

Sets  the  configuration  mode.  <Configmode>  can  be  one  of 
the  following  strings:  Normal,  Custom,  MinLatency  or 
MinBandwidth.  The  Normal,  MinLatency,  and  MinBandwidth 
modes  set  delivery  mode,  delivery  max  items,  heartbeat 
interval,  and  delivery  max  latency  time.  The  /dm,  /dmi,  /hi  or 
/dmlt  options  may  only  be  specified  if  the  configuration  mode 
is  set  to  Custom. 

/ex:<Expires> 

Sets  the  time  when  the  subscription  expires.  <Expires>  should 
be  defined  in  standard  XML  or  ISO8601  date-time  format: 
yyyy-MM-ddThh:mm:ss[.sss][Z],  where  T  is  the  time  separator 
and  Z  indicates  UTC  time. 

/q:<Query> 

Specifies  the  query  string  for  the  subscription.  The  format  of 
< Query >  may  be  different  for  different  URI  values  and  applies 
to  all  sources  in  the  subscription. 

/dia:<Dialect> 

Defines  the  dialect  that  the  query  string  will  use. 

/tn:<Transportname> 

Specifies  the  name  of  the  transport  that  is  used  to  connect  to 
a  remote  event  source. 

/tp:<Transportport> 

Sets  the  port  number  that  is  used  by  the  transport  when 
connecting  to  a  remote  event  source. 

/dm:<  Deliverymode> 

Specifies  the  delivery  mode.  <  Deliverymode>  can  be  either 
pull  or  push.  This  option  is  only  valid  if  the  /cm  option  is  set 
to  Custom. 

/dmi:  <  Deliverymax> 

Sets  the  maximum  number  of  items  for  batched  delivery.  This 
option  is  only  valid  if  /cm  is  set  to  Custom. 

/dmlt:<  Deliverytime> 

Sets  the  maximum  latency  in  delivering  a  batch  of  events. 

<  Deliverytime>  is  the  number  of  milliseconds.  This  option  is 
only  valid  if /cm  is  set  to  Custom. 

/hi:  <  Heartbeat  > 

Defines  the  heartbeat  interval.  <  Heartbeat  is  the  number  of 
milliseconds.  This  option  is  only  valid  if /cm  is  set  to  Custom. 

/cf:<  Content  > 

Specifies  the  format  of  the  events  that  are  returned. 

<Content>  can  be  Events  or  RenderedText.  When  the  value  is 
RenderedText,  the  events  are  returned  with  the  localized 
strings  (such  as  event  description)  attached  to  the  event.  The 
default  value  is  RenderedText. 

/l:<Locale> 

Specifies  the  locale  for  delivery  of  the  localized  strings  in 
RenderedText  format.  <Locale>  is  a  language  and 
country/region  identifier,  for  example,  "EN-us".  This  option  is 
only  valid  if  the  /cf  option  is  set  to  RenderedText. 

/ree:[<Readexist>] 

Identifies  the  events  that  will  be  delivered  for  the  subscription. 
<Readexist>  can  true  or  false.  When  the  is  true,  all  existing 
events  are  read  from  the  subscription  event  sources.  When 
the  is  false,  only  future  (arriving)  events  are  delivered.  The 
default  value  is  true  for  a  /ree  option  without  a  value.  If  no 
/ree  option  is  specified,  the  default  value  is  false. 

OPTION 


DESCRIPTION 


/If:  <  Logfile> 

Specifies  the  local  event  log  that  is  used  to  store  events 
received  from  the  event  sources. 

/pn:<  Publishername> 

Specifies  the  publisher  name.  It  must  be  a  publisher  that  owns 
or  imports  the  log  specified  by  the  /If  option. 

/essp:<Enableport> 

Specifies  that  the  port  number  must  be  appended  to  the 
service  principal  name  of  the  remote  service.  <Enableport> 
can  be  true  or  false.  The  port  number  is  appended  when  is 
true.  When  the  port  number  is  appended,  some  configuration 
may  be  required  to  prevent  the  access  to  event  sources  from 
being  denied. 

/hn:<Hostname> 

Specifies  the  DNS  name  of  the  local  computer.  This  name  is 
used  by  remote  event  source  to  push  back  events  and  must 
be  used  only  for  a  push  subscription. 

/ct:<Type> 

Sets  the  credential  type  for  the  remote  source  access.  <Type> 
should  be  one  of  the  following  values:  default,  negotiate, 
digest,  basic  or  localmachine.  The  default  value  is  default. 

/cun:<Comusername> 

Sets  the  shared  user  credential  to  be  used  for  event  sources 
that  do  not  have  their  own  user  credentials.  If  this  option  is 
specified  with  the  /c  option,  UserName  and  UserPassword 
settings  for  individual  event  sources  from  the  configuration  file 
are  ignored.  If  you  want  to  use  a  different  credential  for  a 
specific  event  source,  you  should  override  this  value  by 
specifying  the  /un  and  /up  options  for  a  specific  event  source 
on  the  command  line  of  another  ss  command. 

/cu  p:  <  Compassword  > 

Sets  the  user  password  for  the  shared  user  credential.  When 
<  Compassword  >  is  set  to  *  (asterisk),  the  password  is  read 
from  the  console.  This  option  is  only  valid  when  the  /cun 
option  is  specified. 

/q:[<Quiet>]  Specifies  whether  the  configuration  procedure  will  prompt  for 

confirmation.  <Quiet>  can  be  true  or  false.  If  is  true,  the 
configuration  procedure  will  not  prompt  for  confirmation.  The 
default  value  of  this  option  is  false. 


Remarks 


IMPORTANT 

If  you  receive  the  message,  "The  RPC  server  is  unavailable^?  when  you  try  to  run  wecutil,  you  need  to  start  the  Windows 
Event  Collector  service  (wecsvc).  To  start  wecsvc,  at  an  elevated  command  prompt  type  net  start  wecsvc. 

•  The  following  example  shows  the  contents  of  a  configuration  file: 

<Subsc nipt ion  xmlns=" https : //schemas . microsoft . com/ 2006/03/ windows /events/ subscript ion" > 

<Uri>https : //schemas . micnosoft . com/wbem/wsman/l/windows/Eventl_og</Uri>  <!--  Use  Normal  (default).  Custom, 
MinLatency,  MinBandwidth  -->  cConf igurationMode>Normal</Conf igurationMode>  <Description>Forward  Sample 
Subscription</Description>  <SubscriptionId>SampleSubscription</SubscriptionId>  <Query>< ! [CDATA[ 
<QueryList>  <Query  Path="Application">  <Select>*</Select>  </Query>  </QueryList>  ]]></Query> 

<EventSources>  <EventSource  Enabled="true">  <Address>mySource .myDomain . com</Address> 
<UserName>myUserName</UserName>  <Password>*</Password>  </EventSource>  </EventSources> 

< C redent ia 1 sTy pe>Default< /Credent ialsType>  < Locale  Language=" EN-US" ></Locale>  < /Subscript ion > 


Examples 

Output  configuration  information  for  a  subscription  named  subl : 

wecutil  gs  subl 


Example  output: 

EventSource[0] : 

Address:  localhost 
Enabled:  true 

Description:  Subscription  1 
Uri:  wsman :microsoft/logrecord/sel 
DeliveryMode :  pull 
DeliveryMaxSize:  16000 
DeliveryMaxItems :  15 
DeliveryMaxLatencyTime :  1000 
Heartbeatlnterval :  10000 
Locale: 

ContentFormat:  renderedtext 
LogFile:  HardwareEvents 


Display  the  runtime  status  of  a  subscription  named  subl : 

wecutil  gr  subl 


Update  the  subscription  configuration  named  subl  from  a  new  XML  file  called  WsSelRg2.xml: 

wecutil  ss  subl  /c:%Windir%\system32\WsSelRg2.xml 


Update  the  subscription  configuration  named  sub2  with  multiple  parameters: 

wecutil  ss  sub2  /esa:myComputer  /ese  /un:uname  /up:*  /cm:Normal 


Create  a  subscription  to  forward  events  from  a  Windows  Vista  Application  event  log  of  a  remote  computer  at 
mySource.myDomain.com  to  the  ForwardedEvents  log  (see  Remarks  for  an  example  of  a  configuration  file): 

wecutil  cs  subscription. xml 


Delete  a  subscription  named  subl : 

wecutil  ds  subl 

Additional  references 

Command-Line  Syntax  Key 


wevtutil 

4/1 3/2018  •  6  min  to  read  •  Edit  Online 


Enables  you  to  retrieve  information  about  event  logs  and  publishers.  You  can  also  use  this  command  to  install  and 
uninstall  event  manifests,  to  run  queries,  and  to  export,  archive,  and  clear  logs.  For  examples  of  how  to  use  this 
command,  see  Examples. 

Syntax 

wevtutil  [{el  |  enum-logs}]  [{gl  |  get-log}  <Logname>  [/f : <Format>] ] 

[{si  |  set-log}  <Logname>  [/e:<Enabled>]  [/i:<Isolation>]  [/lfn : <Logpath>]  [/rt : <Retention>]  [/ab:<Auto>]  [/ms: 
<Size>]  [/l:<Level>]  [/k:<Keywords>]  [/ca : <Channel>]  [/c :<Config>] ] 

[{ep  |  enum-publishers}] 

[{gp  |  get-publisher}  <Publishername>  [/ge : <Metadata>]  [/gm:<Message>]  [/f :<Format>] ]  [{im  |  install-manifest} 
<Manifest>] 

[{um  |  uninstall-manifest}  <Manifest>]  [{qe  |  query-events}  <Path>  [/If :<Logfile>]  [/sq : <Structquery>]  [/q: 
<Query>]  [/bm: <Bookmark>]  [/sbm:<Savebm>]  [/rd:<Direction>]  [/f : <Format>]  [/l:<Locale>]  [/c:<Count>]  [/e: 
<Element>] ] 

[{gli  |  get-loginfo}  <Logname>  [/If : <Logfile>] ] 

[{epl  |  export-log}  <Path>  <Exportfile>  [/If :<Logfile>]  [/sq:<Structquery>]  [/q:<Query>]  [/ow:<Overwrite>]] 

[{al  |  archive-log}  <Logpath>  [/l:<Locale>]] 

[{cl  |  clear-log}  <Logname>  [/bu : <Backup>] ]  [/r: <Remote>]  [/u : <Username>]  [/p:<Password>]  [/a:<Auth>]  [/uni: 
<Unicode>] 


Parameters 


PARAMETER 

DESCRIPTION 

{el 

enum-logs} 

{gi 

get-log}  <Logname>  [/f:] 

{si 

set-log}  <Logname>  [/e:]  [/i:]  [/lfn:]  [/rt:]  [/ab:]  [/ms:]  [/I:]  [/k:] 

[/ca:]  [/c] 

{ep 

enum-publishers} 

{gp 

get-publisher}  <Publishername>  [/ge:]  [/gm:]  [/f:]] 

{im 

install-manifest}  <Manifest> 

{um 

uninstall-manifest}  <Manifest> 

{qe 

query-events}  <Path>  [/If:]  [/sq:]  [/q:]  [/bm:]  [/sbm:]  [/rd:]  [/f:] 

[/I:]  I/d  [/e:] 

{gli 

get-loginfo}  <Logname>  [/If:] 

{epl 

export- log}  <Path>  [/If:]  [/sq:]  [/q:]  [/ow:] 

{al 

archive-log}  <Logpath>  [/I:] 

PARAMETER 


DESCRIPTION 


{cl 

clear-log}  <Logname>  [/bu:] 

Options 

OPTION 

DESCRIPTION 

/f:<  Format  > 

Specifies  that  the  output  should  be  either  XML  or  text  format. 

If  <Format>  is  XML,  the  output  is  displayed  in  XML  format.  If 
is  Text,  the  output  is  displayed  without  XML  tags.  The  default 
is  Text. 

/e:<Enabled> 

Enables  or  disables  a  log.  <  Enabled >  can  be  true  or  false. 

/i:  <  Isolation  > 

Sets  the  log  isolation  mode.  <  Isolation  >  can  be  system, 
application  or  custom.  The  isolation  mode  of  a  log  determines 
whether  a  log  shares  a  session  with  other  logs  in  the  same 
isolation  class.  If  you  specify  system  isolation,  the  target  log 
will  share  at  least  write  permissions  with  the  System  log.  If  you 
specify  application  isolation,  the  target  log  will  share  at  least 
write  permissions  with  the  Application  log.  If  you  specify 
custom  isolation,  you  must  also  provide  a  security  descriptor 
by  using  the  /ca  option. 

/Ifn:  <  Log  path  > 

Defines  the  log  file  name.  <Logpath>  is  a  full  path  to  the  file 
where  the  Event  Log  service  stores  events  for  this  log. 

/rt:<  Retention  > 

Sets  the  log  retention  mode.  <  Retention >  can  be  true  or  false. 
The  log  retention  mode  determines  the  behavior  of  the  Event 

Log  service  when  a  log  reaches  its  maximum  size.  If  an  event 
log  reaches  its  maximum  size  and  the  log  retention  mode  is 
true,  existing  events  are  retained  and  incoming  events  are 
discarded.  If  the  log  retention  mode  is  false,  incoming  events 
overwrite  the  oldest  events  in  the  log. 

/ab:<Auto> 

Specifies  the  log  auto-backup  policy.  <Auto>  can  be  true  or 
false.  If  this  value  is  true,  the  log  will  be  backed  up 
automatically  when  it  reaches  the  maximum  size.  If  this  value 
is  true,  the  retention  (specified  with  the  /rt  option)  must  also 
be  set  to  true. 

/ms:<Size> 

Sets  the  maximum  size  of  the  log  in  bytes.  The  minimum  log 
size  is  1048576  bytes  (1024KB)  and  log  files  are  always 
multiples  of  64KB,  so  the  value  you  enter  will  be  rounded  off 
accordingly. 

/I:  <  Level  > 

Defines  the  level  filter  of  the  log.  <  Level  >  can  be  any  valid 
level  value.  This  option  is  only  applicable  to  logs  with  a 
dedicated  session.  You  can  remove  a  level  filter  by  setting  to  0. 

/k:<Keywords> 

Specifies  the  keywords  filter  of  the  log.  <Keywords>  can  be 
any  valid  64  bit  keyword  mask.  This  option  is  only  applicable 
to  logs  with  a  dedicated  session. 

OPTION 


DESCRIPTION 


/ca:<Channel> 

Sets  the  access  permission  for  an  event  log.  <Channel>  is  a 
security  descriptor  that  uses  the  Security  Descriptor  Definition 
Language  (SDDL).  For  more  information  about  SDDL  format, 
see  the  Microsoft  Developers  Network  (MSDN)  Web  site 

(https://msdn.microsoft.com). 

/c:<Config> 

Specifies  the  path  to  a  configuration  file.  This  option  will  cause 
log  properties  to  be  read  from  the  configuration  file  defined  in 
<  Config  > .  If  you  use  this  option,  you  must  not  specify  a 
parameter.  The  log  name  will  be  read  from  the  configuration 
file. 

/ge:<Metadata> 

Gets  metadata  information  for  events  that  can  be  raised  by 
this  publisher.  <Metadata>  can  be  true  or  false. 

/gm:<Message> 

Displays  the  actual  message  instead  of  the  numeric  message 

ID.  <Message>  can  be  true  or  false. 

/If:  <  Logfile> 

Specifies  that  the  events  should  be  read  from  a  log  or  from  a 
log  file.  <Logfile>  can  be  true  or  false,  if  true,  the  parameter  to 
the  command  is  the  path  to  a  log  file. 

/sq:<Structquery> 

Specifies  that  events  should  be  obtained  with  a  structured 
query.  <Structquery>  can  be  true  or  false.  If  true,  is  the  path 
to  a  file  that  contains  a  structured  query. 

/q:<Query> 

Defines  the  XPath  query  to  filter  the  events  that  are  read  or 
exported.  If  this  option  is  not  specified,  all  events  will  be 
returned  or  exported.  This  option  is  not  available  when  /sq  is 

true. 

/bm:<Bookmark> 

Specifies  the  path  to  a  file  that  contains  a  bookmark  from  a 
previous  query. 

/sbm:<Savebm> 

Specifies  the  path  to  a  file  that  is  used  to  save  a  bookmark  of 
this  query.  The  file  name  extension  should  be  .xml. 

/rd:<  Direction  > 

Specifies  the  direction  in  which  events  are  read.  <  Direction > 
can  be  true  or  false.  If  true,  the  most  recent  events  are 
returned  first. 

/l:<Locale> 

Defines  a  locale  string  that  is  used  to  print  event  text  in  a 
specific  locale.  Only  available  when  printing  events  in  text 
format  using  the  /f  option. 

/c:<Count> 

Sets  the  maximum  number  of  events  to  read. 

/e:<  Element  > 

Includes  a  root  element  when  displaying  events  in  XML. 
<Element>  is  the  string  that  you  want  within  the  root 
element.  For  example,  /e:root  would  result  in  XML  that 
contains  the  root  element  pair  <root>. 

OPTION 


DESCRIPTION 


/ow:<Overwrite> 

Specifies  that  the  export  file  should  be  overwritten. 

<Overwrite>  can  be  true  or  false.  If  true,  and  the  export  file 
specified  in  already  exists,  it  will  be  overwritten  without 
confirmation. 

/bu:<  Backup  > 

Specifies  the  path  to  a  file  where  the  cleared  events  will  be 
stored.  Include  the  .evtx  extension  in  the  name  of  the  backup 
file. 

/r:<Remote> 

Runs  the  command  on  a  remote  computer.  <Remote>  is  the 
name  of  the  remote  computer.  The  im  and  um  parameters  do 
not  support  remote  operation. 

/u:<Username> 

Specifies  a  different  user  to  log  on  to  a  remote  computer. 
<Username>  is  a  user  name  in  the  form  domain\user  or  user. 

This  option  is  only  applicable  when  the  /r  option  is  specified. 

/p:<  Password  > 

Specifies  the  password  for  the  user.  If  the  /u  option  is  used 
and  this  option  is  not  specified  or  <Password>  is  the  user 
will  be  prompted  to  enter  a  password.  This  option  is  only 
applicable  when  the  **/u*  option  is  specified. 

/a:<Auth> 

Defines  the  authentication  type  for  connecting  to  a  remote 
computer.  <Auth>  can  be  Default,  Negotiate,  Kerberos  or 

NTLM.  The  default  is  Negotiate. 

/uni:<Unicode> 

Displays  the  output  in  Unicode.  <  Unicode>  can  be  true  or 
false.  If  is  true  then  the  output  is  in  Unicode. 

Remarks 

•  Using  a  configuration  file  with  the  si  parameter 

The  configuration  file  is  an  XML  file  with  the  same  format  as  the  output  of  wevtutil  gl  <Logname>  /f:xml. 

The  following  example  shows  the  format  of  a  configuration  file  that  enables  retention,  enables  autobackup, 
and  sets  the  maximum  log  size  on  the  Application  log: 

<?xml  version="1.0"  encoding="UTF-8" ?> 

cchannel  name="Application"  isolation="Application" 

xmlns=" https : //schemas . microsoft . com/win/2004/08/events"> 

<logging> 

< retention >true</ retention > 

<autoBackup>true</autoBackup> 

<maxSize>9000000</maxSize> 

</logging> 

<publishing> 

</publishing> 

</channel> 

Examples 

List  the  names  of  all  logs: 

wevtutil  el 

Display  configuration  information  about  the  System  log  on  the  local  computer  in  XM  L  format: 


wevtutil  gl  System  /f:xml 


Use  a  configuration  file  to  set  event  log  attributes  (see  Remarks  for  an  example  of  a  configuration  file): 
wevtutil  si  /c:config.xml 


Display  information  about  the  Microsoft-Windows-Eventlog  event  publisher,  including  metadata  about  the  events 
that  the  publisher  can  raise: 

wevtutil  gp  Microsoft-Windows-Eventlog  /ge:true 


Install  publishers  and  logs  from  the  myManifest.xml  manifest  file: 

wevtutil  im  myManifest.xml 


Uninstall  publishers  and  logs  from  the  myManifest.xml  manifest  file: 

wevtutil  urn  myManifest.xml 


Display  the  three  most  recent  events  from  the  Application  log  in  textual  format: 

wevtutil  qe  Application  /c:3  /rditrue  /f:text 


Display  the  status  of  the  Application  log: 
wevtutil  gli  Application 


Export  events  from  System  log  to  C:\backup\system0506.evtx: 
wevtutil  epl  System  C:\backup\system0506.evtx 


Clear  all  of  the  events  from  the  Application  log  after  saving  them  to  C:\admin\backups\a10306.evtx: 


wevtutil  cl  Application  /bu:C:\admin\backups\al0306.evtx 


Additional  References 


Command-Line  Syntax  Key 


where 
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Displays  the  location  of  files  that  match  the  given  search  pattern. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

where  [/r  <Dir>]  [/q]  [/f]  [/t]  [$<ENV>: |<Path>: ]<Pattern>[  ...] 


Parameters 

PARAMETER  DESCRIPTION 


/r  <Dir> 

Indicates  a  recursive  search,  starting  with  the  specified 
directory. 

/q 

Returns  an  exit  code  (0  for  success,  1  for  failure)  without 
displaying  the  list  of  matched  files. 

/f 

Displays  the  results  of  the  where  command  in  quotation 
marks. 

/t 

Displays  the  file  size  and  the  last  modified  date  and  time  of 
each  matched  file. 

[$<ENV>: 

:][ ...] 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  If  you  do  not  specify  a  file  name  extension,  the 

extensions  listed  in  the  PATH  EXT  environment  variable  are 

appended  to  the  pattern  by  default. 

•  Where  can  run  recursive  searches,  display  file 

information  such  as  date  or  size,  and  accept  environment 

variables  in  place  of  paths  on  local  computers. 

Examples 

To  find  all  files  named  Test  in  drive  C  of  the  current  computer  and  its  subdirectories,  type: 

where  /r  c:\  test 

To  list  all  files  in  the  Public  directory,  type: 

where  $public:*.* 

To  find  all  files  named  Notepad  in  drive  C  of  the  remote  computer,  Computer"!,  and  its  subdirectories,  type: 


where  /r  \\computerl\c  notepad.* 


Additional  references 

Command-Line  Syntax  Key 


whoami 
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Displays  user,  group  and  privileges  information  for  the  user  who  is  currently  logged  on  to  the  local  system.  If  used 
without  parameters,  whoami  displays  the  current  domain  and  user  name. 

For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

whoami  [/upn  |  /fqdn  |  /logonid] 

whoami  {[/user]  [/groups]  [/priv]}  [/fo  <Format>]  [/nh] 
whoami  /all  [/fo  <Format>]  [/nh] 

Parameters 


PARAMETER 

DESCRIPTION 

/upn 

Displays  the  user  name  in  user  principal  name  (UPN)  format. 

/fqdn 

Displays  the  user  name  in  fully  qualified  domain  name  (FQDN) 
format. 

/logonid 

Displays  the  logon  ID  of  the  current  user. 

/user 

Displays  the  current  domain  and  user  name  and  the  security 
identifier  (SID). 

/groups 

Displays  the  user  groups  to  which  the  current  user  belongs. 

/priv 

Displays  the  security  privileges  of  the  current  user. 

/fo  <Format> 

Specifies  the  output  format.  Valid  values  include: 
table  Displays  output  in  a  table.  This  is  the  default  value, 
list  Displays  output  in  a  list. 

csv  Displays  output  in  comma-separated  value  (CSV)  format. 

/all 

Displays  all  information  in  the  current  access  token,  including 
the  current  user  name,  security  identifiers  (SID),  privileges,  and 
groups  that  the  current  user  belongs  to. 

/nh 

Specifies  that  the  column  header  should  not  be  displayed  in 
the  output.  This  is  valid  only  for  table  and  CSV  formats. 

/? 

Displays  help  at  the  command  prompt. 

Examples 

To  display  the  domain  and  user  name  of  the  person  who  is  currently  logged  on  to  this  computer,  type: 


whoami 


Output  similar  to  the  following  appears: 


DOMAINl\administrator 


To  display  all  of  the  information  in  the  current  access  token,  type: 


whoami  /all 


Additional  references 

Command-Line  Syntax  Key 


winnt 
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Winnt  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  Winnt. 


winnt32 

4/1 3/2018  •  8  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


Performs  an  installation  of  or  upgrade  to  a  product  in  Windows  Server  2003.  You  can  run  winnt32  at  the 
command  prompt  on  a  computer  running  Windows  95,  Windows  98,  Windows  Millennium  edition,  Windows  NT, 
Windows  2000,  Windows  XP,  or  a  product  in  the  Windows  Server  2003.  If  you  run  winnt32  on  a  computer 
running  Windows  NT  version  4.0,  you  must  first  apply  Service  Pack  5  or  later. 

Syntax 

winnt32  [/checkupgradeonly]  [/cmd:  <CommandLine>]  [/cmdcons]  [/copydir :{i386 1  ia64}\<Foldenl\lame>]  [/copysource: 
<FolderName>]  [/debug[<Level>] : [  <FileName>]]  [/dudisable]  [/duprepare:  <pathName>]  [/dushare:  <pathName>] 
[/emsport : {coml | com2 | usebiossettings |off }]  [/emsbaudrate:  <BaudRate>]  [/m:  <FolderName>]  [/makelocalsource] 
[/noreboot]  [/s:  <Sourcepath>]  [/syspart:  <DriveLetter>]  [/tempdrive:  <DriveLetter>]  [/udf:  <ID>[,<UDB_File>] ] 
[/unattend[<Num>] : [  <AnswerFile>] ] 


Parameters 


PARAMETER 

DESCRIPTION 

/checkupgradeonly 

Checks  your  computer  for  upgrade  compatibility  with 
products  in  Windows  Server  2003. 

if  you  use  this  option  with  /unattend,  no  user  input  is 
required.  Otherwise,  the  results  are  displayed  on  the  screen, 
and  you  can  save  them  under  the  file  name  you  specify.  The 
default  file  name  is  upgrade.txt  in  the  systemroot  folder. 

/cmd 

Instructs  setup  to  carry  out  a  specific  command  before  the 
final  phase  of  setup.  This  occurs  after  your  computer  has 
restarted  and  after  setup  has  collected  the  necessary 
configuration  information,  but  before  setup  is  complete. 

Specifies  the  commandline  to  be  carried  out  before  the  final 
phase  of  setup. 

/cmdcons 

On  an  x86-based  computer,  installs  the  recovery  Console  as  a 
startup  option.  The  recovery  Console  is  a  command-line 
interface  from  which  you  can  perform  tasks  such  as  starting 
and  stopping  services  and  accessing  the  local  drive  (including 
drives  formatted  with  NTFS).  You  can  only  use  the  /cmdcons 
option  after  setup  is  finished. 

PARAMETER 


DESCRIPTION 


/copydir  creates  an  additional  folder  within  the  folder  in  which  the 

operating  system  files  are  installed,  for  example,  for  x86  and 
x64-based  computers,  you  could  create  a  folder  called 
Private_d rivers  within  the  i386  source  folder  for  your 
installation,  and  place  driver  files  in  the  folder,  type 
/copydir:i386\Private_drivers  to  have  setup  copy  that  folder 
to  your  newly  installed  computer,  making  the  new  folder 
I  oca  t  i  o  n  sy  ste  m  r  o  o  t\Priva  te_  drivers . 

-  i386  specifies  i386 

-  ia64  specifies  ia64 


You  can  use  /copydir  to  create  as  many  additional  folders  as 
you  want. 


Specifies  the  folder  that  you  created  to  hold  modifications  for 
your  site. 

/copysource 

creates  a  temporary  additional  folder  within  the  folder  in 
which  the  operating  system  files  are  installed.  You  can  use 
/copysource  to  create  as  many  additional  folders  as  you 
want. 

Unlike  the  folders  /copydir  creates,  /copysource  folders  are 
deleted  after  Setup  completes. 

/debug 

creates  a  debug  log  at  the  level  specified,  for  example, 

/debug4:Debug.log.  The  default  log  file  is  C:\ 

systemroot\winnt32.log,  and 

Level  Values  and  descriptions 

-  0:  Severe  Errors 

-  1 :  Errors 

-  2:  Default  level.  Warnings 

-  3:  Information 

-  4:  detailed  information  for  debugging 

Each  level  includes  the  levels  below  it. 

/dudisable 

Prevents  Dynamic  Update  from  running.  Without  Dynamic 
Update,  setup  runs  only  with  the  original  setup  files.  This 
option  will  disable  Dynamic  Update  even  if  you  use  an  answer 
file  and  specify  Dynamic  Update  options  in  that  file. 

/duprepare 

Carries  out  preparations  on  an  installation  share  so  that  it  can 
be  used  with  Dynamic  Update  files  that  you  downloaded  from 
the  Windows  Update  Web  site.  This  share  can  then  be  used 
for  installing  Windows  XP  for  multiple  clients. 

Specifies  full  path  name. 

/dushare 

Specifies  a  share  on  which  you  previously  downloaded 

Dynamic  Update  files  (updated  files  for  use  with  Setup)  from 
the  Windows  Update  Web  site,  and  on  which  you  previously 
ran  /duprepare:<  pathName>.  When  run  on  a  client, 
specifies  that  the  client  installation  will  make  use  of  the 
updated  files  on  the  share  specified  in  . 

PARAMETER 


DESCRIPTION 


/emsport  Enables  or  disables  Emergency  Management  Services  during 

setup  and  after  the  server  operating  system  has  been 
installed.  With  Emergency  Management  Services,  you  can 
remotely  manage  a  server  in  emergency  situations  that  would 
typically  require  a  local  keyboard,  mouse,  and  monitor,  such  as 
when  the  network  is  unavailable  or  the  server  is  not 
functioning  properly.  Emergency  Management  Services  has 
specific  hardware  requirements,  and  is  available  only  for 
products  in  Windows  Server  2003. 

-  coml  is  applicable  only  for  x86-based  computers  (not 
Itanium  architecture-based  computers). 

-  com2is  applicable  only  for  x86-based  computers  (not 
Itanium  architecture-based  computers). 

-  Default.  Uses  the  setting  specified  in  the  BIOS  Serial  Port 
Console  Redirection  (SPCR)  table,  or,  in  Itanium  architecture- 
based  systems,  through  the  EFI  console  device  path.  If  you 
specify  usebiossettings  and  there  is  no  SPCR  table  or 
appropriate  EFI  console  device  path,  Emergency  Management 
Serices  will  not  be  enabled. 

-  off  disables  Emergency  Management  Services.  You  can  later 
enable  it  by  modifying  the  boot  settings. 


/emsbaudrate 

for  x86-based  computers,  specifies  the  baud  rate  for 

Emergency  Management  Services.  (The  option  is  not 
applicable  for  Itanium  architecture-based  computers.)  Must  be 
used  with  /emsporfccoml  or  /emsport:com2  (otherwise, 
/emsbaudrate  is  ignored). 

Specifies  baudrate  of  9600,  1 9200,  57600,  or  1 1 5200.  9600  is 
the  default. 

/m 

Specifies  that  setup  copies  replacement  files  from  an  alternate 
location.  Instructs  setup  to  look  in  the  alternate  location  first, 
and  if  files  are  present,  to  use  them  instead  of  the  files  from 
the  default  location. 

/makelocalsource 

Instructs  setup  to  copy  all  installation  source  files  to  your  local 
hard  disk.  Use /makelocalsource  when  installing  from  a  cd 
to  provide  installation  files  when  the  cd  is  not  available  later  in 
the  installation. 

/noreboot 

Instructs  setup  to  not  restart  the  computer  after  the  file  copy 
phase  of  setup  is  completed  so  that  you  can  run  another 
command. 

/s 

Specifies  the  source  location  of  the  files  for  your  installation.  To 
simultaneously  copy  files  from  multiple  servers,  type  the  /s: 
option  multiple  times  (up  to  a  maximum  of  eight).  If  you  type 
the  option  multiple  times,  the  first  server  specified  must  be 
available,  or  setup  will  fail. 

Specifies  full  source  path  name. 


PARAMETER 


DESCRIPTION 


/syspart 

On  an  x86-based  computer,  specifies  that  you  can  copy  setup 
startup  files  to  a  hard  disk,  mark  the  disk  as  active,  and  then 
install  the  disk  into  another  computer.  When  you  start  that 
computer,  it  automatically  starts  with  the  next  phase  of  setup. 

You  must  always  use  the  /tempdrive  parameter  with  the 
/syspart  parameter. 

You  can  start  winnt32  with  the  /syspart  option  on  an  x86- 
based  computer  running  Windows  NT  4.0,  Windows  2000, 
Windows  XR  or  a  product  in  Windows  Server  2003.  If  the 
computer  is  running  Windows  NT  version  4.0,  it  requires 
Service  Pack  5  or  later.  The  computer  cannot  be  running 
Windows  95,  Windows  98,  or  Windows  Millennium  edition. 

Specifies  the  drive  letter. 

/tempdrive 

directs  setup  to  place  temporary  files  on  the  specified 
partition. 

for  a  new  installation,  the  server  operating  system  will  also  be 
installed  on  the  specified  partition. 

for  an  upgrade,  the /tempdrive  option  affects  the  placement 
of  temporary  files  only;  the  operating  system  will  be  upgraded 
in  the  partition  from  which  you  run  winnt32. 

/udf 

Indicates  an  identifier  ()  that  setup  uses  to  specify  how  a 
Uniqueness  Database  (UDB)  file  modifies  an  answer  file  (see 
the  /unattend  option).  The  UDB  overrides  values  in  the 
answer  file,  and  the  identifier  determines  which  values  in  the 
UDB  file  are  used.  For  example, 
/udf:RAS_user,Our_company.udb  overrides  settings 
specified  for  the  FtAS_user  identifier  in  the  Our_company.udb 
file.  If  no  <UDB_file>  is  specified,  setup  prompts  the  user  to 
insert  a  disk  that  contains  the  $Unique$.udb  file. 

Indicates  an  identifier  used  to  specify  how  a  Uniqueness 
Database  (UDB)  file  modifies  an  answer  file. 

<UDB_file> 

Specifies  a  Uniqueness  Database  (UDB)  file. 

/unattend 

On  an  x86-based  computer,  upgrades  your  previous  version 
of  Windows  NT  4.0  Server  (with  Service  Pack  5  or  later)  or 
Windows  2000  in  unattended  setup  mode.  All  user  settings 
are  taken  from  the  previous  installation,  so  no  user 
intervention  is  required  during  setup. 

Specifies  the  number  of  seconds  between  the  time  that  setup 
finishes  copying  the  files  and  when  it  restarts  your  computer. 
You  can  use  on  any  computer  running  Windows  98,  Windows 
Millennium  edition,  Windows  NT,  Windows  2000,  Windows  XR 
or  a  product  in  Windows  Server  2003  .  If  the  computer  is 
running  Windows  NT  version  4.0,  it  requires  Service  Pack  5  or 
later. 

Provides  setup  with  your  custom  specifications 

PARAMETER 


DESCRIPTION 


/?  Displays  help  at  the  command  prompt. 

remarks 

if  you  are  deploying  Windows  XP  on  client  computers,  you  can  use  the  version  of  winnt32.exe  that  comes  with 
Windows  XP.  Another  way  to  deploy  Windows  XP  is  to  use  winnt32.msi,  which  works  through  Windows  Installer, 
part  of  the  IntelliMirror  set  of  technologies.  For  more  information  about  client  deployments,  see  the  Windows 
Server  2003  Deployment  Kit,  which  is  described  in  Using  the  Windows  Deployment  and  Resource  Kits.  On  an 
Itanium-based  computer,  winnt32  can  be  run  from  the  Extensible  Firmware  Interface  (EFI)  or  from  Windows 
Server  2003  Enterprise,  Windows  Server  2003  R2  Enterprise,  Windows  Server  2003  R2  Datacenter,  or  Windows 
Server  2003  Datacenter.  Also,  on  an  Itanium  architecture-based  computer,  /cmdcons  and  /syspart  are  not 
available,  and  options  relating  to  upgrades  are  not  available,  for  more  information  about  hardware  compatibility, 
see  Flardware  compatibility,  for  more  detailed  information  about  using  Dynamic  Update  and  installing  multiple 
clients,  see  the  Windows  Server  2003  Deployment  Kit,  which  is  described  in  Using  the  Windows  Deployment  and 
Resource  Kits,  for  information  about  modifying  boot  settings,  see  the  Windows  Deployment  and  Resource  Kits  for 
Windows  Server  2003.  For  more  information,  see  Using  the  Windows  Deployment  and  Resource  Kits.  Using  the 
/unattend  command-line  option  to  automate  setup  affirms  that  you  have  read  and  accepted  the  Microsoft  License 
Agreement  for  Windows  Server  2003.  Before  using  this  command-line  option  to  install  Windows  Server  2003  on 
behalf  of  an  organization  other  than  your  own,  you  must  confirm  that  the  end  user  (whether  an  individual,  or  a 
single  entity)  has  received,  read,  and  accepted  the  terms  of  the  Microsoft  License  Agreement  for  that  product. 
OEMs  may  not  specify  this  key  on  machines  being  sold  to  end  users. 

additional  references 


•  Command-Line  Syntax  Key 


winpop 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Winpop  is  deprecated,  and  is  not  guaranteed  to  be  supported  in  future  releases  of  Windows. 
This  tool  is  included  in  Windows  Server  2003.  For  more  information  see  winpop. 


winrs 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 

Windows  remote  Management  allows  you  to  manage  and  execute  programs  remotely. 

Syntax 

winrs  [/<parameter>[ :<value>]]  <command> 

Parameters 


PARAMETER 

DESCRIPTION 

/demote]: 

Specifies  the  target  endpoint  using  a  NetBIOS  name  or  the 
standard  connection: 

-  :  [://][:] 

if  not  specified,  /rdocalhost  is  used. 

/un[encrypted] 

Specifies  that  the  messages  to  the  remote  shell  will  not  be 
encrypted.  This  is  useful  for  troubleshooting  or  when  the 
network  traffic  is  already  encrypted  using  ipsec,  or  when 
physical  security  is  enforced. 

By  default,  the  messages  are  encrypted  using  Kerberos  or 
NTLM  keys. 

This  command-line  option  is  ignored  when  HTTPS  transport  is 
selected. 

/u[sername]: 

Specifies  username  on  command  line. 

if  not  specified,  the  tool  will  use  Negotiate  authentication  or 
prompt  for  the  name. 

if  /u[sername]  is  specified,  /p[assword]  must  also  be 
specified. 

/password]: 

Specifies  password  on  command  line. 

if  /p[assword]  is  not  specified  but  /username  is,  the  tool  will 
prompt  for  the  password. 

if  /p[assword]  is  specified,  /u[sername]  must  also  be 
specified. 

/t[imeout]: 

This  option  is  deprecated. 

PARAMETER 


DESCRIPTION 


/dprectory]: 

Specifies  starting  directory  for  remote  shell. 

if  not  specified,  the  remote  shell  will  start  in  the  user's  home 
directory  defined  by  the  environment  variable 

%USERPROFILE%. 

/env[ironment]:= 

Specifies  a  single  environment  variable  to  be  set  when  shell 
starts,  which  allows  changing  default  environment  for  shell. 

Multiple  occurrences  of  this  switch  must  be  used  to  specify 
multiple  environment  variables. 

/noe[cho] 

Specifies  that  echo  should  be  disabled.  This  may  be  necessary 
to  ensure  that  user's  answers  to  remote  prompts  are  not 
displayed  locally. 

By  default  echo  is  ''on". 

/nopfrofile] 

Specifies  that  the  user's  profile  should  not  be  loaded. 

By  default,  the  server  will  attempt  to  load  the  user  profile. 

if  the  remote  user  is  not  a  local  administrator  on  the  target 
system,  then  this  option  will  be  required  (the  default  will  result 
in  error). 

/a[llow]d[elegate] 

Specifies  that  the  user's  credentials  can  be  used  to  access  a 
remote  share,  for  example,  found  on  a  different  machine  than 
the  target  endpoint. 

/comp[ression] 

Turn  on  compression.  Older  installations  on  remote  machines 
may  not  support  compression  so  it  is  off  by  default. 

Default  setting  is  off,  since  older  installations  on  remote 
machines  may  not  support  compression. 

/[use]ssl 

Use  an  SSL  connection  when  using  a  remote  endpoint. 
Specifying  this  instead  of  the  transport  https:  will  use  the 
default  WinRM  default  port. 

/? 

Displays  help  at  the  command  prompt. 

remarks 

•  All  command-line  options  accept  either  short  form  or  long  form.  For  example  both  /r  and  /remote  are  valid. 

•  To  terminate  the  /remote  command,  the  user  can  type  Ctrl-C  or  Ctrl-break,  which  will  be  sent  to  the  remote 
shell.  The  second  Ctrl-C  will  force  termination  of  winrs.exe. 

•  To  manage  active  remote  shells  or  winrs  configuration,  use  the  WinRM  tool.  The  URI  alias  to  manage  active 
shells  is  shell/cmd.  The  URI  alias  for  winrs  configuration  is  winrm/config/winrs. 

##  Examples 

winrs  /r:https://contoso.com  command 
winrs  /r:contoso.com  /usessl  command 
winrs  /r:myserver  command 
winrs  /r:http://127. 0.0.1  command 


winns  /n:http://169.51.2.101:80  /unencrypted  command 
winrs  /r: https ://[:: FFFF : 129. 144. 52. 38]  command 
winrs  /r:http://[1080:0:0:0:8:800:200C:417A] :80  command 


winrs  /r:https://contoso.com  /t:600  /u : administrator  /p:$%fgh7  ipconfig 

winrs  /r:myserver  /env:path=A%pathA%; c:\tools  /env:TEMP=d:\temp  config.cmd 

winrs  /r:myserver  netdom  join  myserver  /domain rtestdomain  /userd:johns  /passwordd:$%fgh789 

winrs  /r:myserver  /ad  /u : administrator  /p:$%fgh7  dir  \\anotherserver\share 

##  additional  references 
Command-Line  Syntax  Key 


wlbs 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Applies  To:  Windows  Server  (Semi-Annual  Channel),  Windows  Server  201 6,  Windows  Server  2012  R2, 
Windows  Server  2012 


wmic 

4/1 3/2018  •  1  min  to  read  •  Edit  Online 


Displays  WMI  information  inside  an  interactive  command  shell. 
For  examples  of  how  to  use  this  command,  see  Examples. 

Syntax 

command  </parameter> 

Sub-commands 

The  following  sub-commands  are  available  at  all  times: 


SUB-COMMAND 

DESCRIPTION 

class 

Escapes  from  the  default  alias  mode  of  WMIC  to  access  classes 
in  the  WMI  schema  directly. 

path 

Escapes  from  the  default  alias  mode  of  WMIC  to  access 
instances  in  the  WMI  schema  directly. 

context 

Displays  the  current  values  of  all  global  switches. 

[quit 

exit] 

Parameters 

PARAMETER  DESCRIPTION 

<  Concise  description,  starts  with  a  verb.> 
<Another  concise  description,  starts  with  a  verb.> 

Remarks 

Scripting 

Examples 

To  display  the  current  values  of  all  global  switches,  type: 

wmic  context 


Output  similar  to  the  following  displays: 


NAMESPACE 

root\cimv2 

ROLE 

root\cli 

NODE(S) 

BOBENTERPRISE 

IMPLEVEL 

IMPERSONATE 

[AUTHORITY 

N/A] 

AUTHLEVEL 

PKTPRIVACY 

LOCALE 

ms_409 

PRIVILEGES 

ENABLE 

TRACE 

OFF 

RECORD 

N/A 

INTERACTIVE 

OFF 

FAILFAST 

OFF 

OUTPUT 

STDOUT 

APPEND 

STDOUT 

USER 

N/A 

AGGREGATE 

ON 

To  change  the  language  ID  used  by  the  command  line  to  English  (locale  ID  409),  type: 

wmic  /locale :ms_409 

Additional  references 

Command-Line  Syntax  Key 


wscript 

4/1 3/2018  •  2  min  to  read  •  Edit  Online 


Windows  Script  Host  provides  an  environment  in  which  users  can  execute  scripts  in  a  variety  of  languages, 
languages  that  use  a  variety  of  object  models  to  perform  tasks. 

Syntax 

wscript[<scriptname>]  [/b]  [ /d ]  [/e:<engine>]  [{/h rescript | /h :wscript}]  [/i]  [/job:<identifier>] 
[{/logo | /nologo}]  [/s]  [/t : <number>]  [/x]  [/?]  [<ScriptArguments>] 


Parameters 

PARAMETER 


DESCRIPTION 


Script  Name 

Specifies  the  path  and  file  name  of  the  script  file. 

/b 

Specifies  batch  mode,  which  does  not  display  alerts,  scripting 
errors,  or  input  prompts. 

/d 

Starts  the  debugger. 

/e 

Specifies  the  engine  that  is  used  to  run  the  script. 

/{rescript 

Registers  cscript.exe  as  the  default  script  host  for  running 
scripts. 

/hrwscript 

Default.  Registers  wscriptexe  as  the  default  script  host  for 
running  scripts.  This  is  the  default. 

/i 

Specifies  interactive  mode,  which  displays  alerts,  scripting 
errors,  and  input  prompts. 

This  is  the  default  and  the  opposite  of /b. 

/job:  <  identifier> 

Runs  the  job  identified  by  identifier  in  a  .wsf  script  file. 

/logo 

Specifies  that  the  Windows  Script  Host  banner  is  displayed  in 
the  console  before  the  script  runs. 

This  is  the  default  and  the  opposite  of /nologo. 

/nologo 

Specifies  that  the  Windows  Script  Host  banner  is  not  displayed 
before  the  script  runs. 

/s 

Saves  the  current  command-prompt  options  for  the  current 

user. 

/t:<number> 

Specifies  the  maximum  time  the  script  can  run  (in  seconds). 

You  can  specify  up  to  32,767  seconds. 

The  default  is  no  time  limit. 

PARAMETER 


DESCRIPTION 


/X 

Starts  the  script  in  the  debugger. 

ScriptArguments 

Specifies  the  arguments  passed  to  the  script.  Each  script 
argument  must  be  preceded  by  a  slash  (/). 

/? 

Displays  Help  at  the  command  prompt. 

Remarks 

•  Performing  this  task  does  not  require  you  to  have  administrative  credentials.  Therefore,  as  a  security  best 
practice,  consider  performing  this  task  as  a  user  without  administrative  credentials. 

•  To  open  a  command  prompt,  on  the  Start  screen,  type  cmd,  and  then  click  command  prompt. 

•  Each  parameter  is  optional;  however,  you  cannot  specify  script  arguments  without  specifying  a  script.  If  you  do 
not  specify  a  script  or  any  script  arguments,  wscript.exe  displays  the  Windows  Script  Host  Settings  dialog 
box,  which  you  can  use  to  set  global  scripting  properties  for  all  scripts  that  wscript.exe  runs  on  the  local 
computer. 

•  The  /t  parameter  prevents  excessive  running  of  scripts  by  setting  a  timer.  When  the  time  exceeds  the  specified 
value,  wscript  interrupts  the  script  engine  and  ends  the  process. 

•  Windows  script  files  usually  have  one  of  the  following  file  name  extensions:  .wsf,  .vbs,  .js. 

•  If  you  double-click  a  script  file  with  an  extension  that  has  no  association,  the  Open  With  dialog  box  appears. 
Select  wscript  or  cscript,  and  then  select  Always  use  this  program  to  open  this  file  type.  This  registers 
wscript.exe  or  cscript  as  the  default  script  host  for  files  of  this  file  type. 

•  You  can  set  properties  for  individual  scripts.  See  Windows  Script  Host  overview  for  more  information. 

•  Windows  Script  Host  can  use  .wsf  script  files.  Each  .wsf  file  can  use  multiple  scripting  engines  and  perform 
multiplejobs. 

Additional  references 

•  Command-Line  Syntax  Key 


xcopy 

4/1 3/2018  •  8  min  to  read  •  Edit  Online 


Copies  files  and  directories,  including  subdirectories 
For  examples  of  how  to  use  this  command,  see  Examples 


Syntax 


Xcopy 

<Source> 

[<Destination>] 

[/«] 

[/p] 

[/c] 

[/V]  [/q]  [/f]  [/l]  [/g]  [/d  [ :MM-DD-YYYY] ]  [/u] 

[/i] 

[/s  [/e]] 

[/t] 

[/K] 

[/n] 

[/h]  [{/a  |  /m}] 

[/n] 

[/o] 

[/X] 

[/exclude: FileNamel[+[FileName2] ] [+[FlleName3] ] 

[{/ y 

1  /-y}] 

[/z] 

[/b] 

1/3] 

Parameters 

PARAMETER  DESCRIPTION 


<Source> 

Required.  Specifies  the  location  and  names  of  the  files  you 
want  to  copy.  This  parameter  must  include  either  a  drive  or  a 
path. 

[<Destination>] 

Specifies  the  destination  of  the  files  you  want  to  copy.  This 
parameter  can  include  a  drive  letter  and  colon,  a  directory 
name,  a  file  name,  or  a  combination  of  these. 

/w 

Displays  the  following  message  and  waits  for  your  response 
before  starting  to  copy  files: 

Press  any  key  to  begin  copying  file(s) 

/P 

Prompts  you  to  confirm  whether  you  want  to  create  each 
destination  file. 

/c 

Ignores  errors. 

/v 

Verifies  each  file  as  it  is  written  to  the  destination  file  to  make 

sure  that  the  destination  files  are  identical  to  the  source  files. 

/q 

Suppresses  the  display  of  xcopy  messages. 

/f 

Displays  source  and  destination  file  names  while  copying. 

/i 

Displays  a  list  of  files  that  are  to  be  copied. 

/g 

Creates  decrypted  Destination  files  when  the  destination  does 
not  support  encryption. 

/d  [:MM-DD-YYYY] 

Copies  source  files  changed  on  or  after  the  specified  date  only. 

If  you  do  not  include  a  MM-DD-YYYY  value,  xcopy  copies  all 
Source  files  that  are  newer  than  existing  Destination  files.  This 
command-line  option  allows  you  to  update  files  that  have 
changed. 

PARAMETER 


DESCRIPTION 


/U 

Copies  files  from  Source  that  exist  on  Destination  only. 

A 

If  Source  is  a  directory  or  contains  wildcards  and  Destination 
does  not  exist,  xcopy  assumes  Destination  specifies  a 
directory  name  and  creates  a  new  directory.  Then,  xcopy 
copies  all  specified  files  into  the  new  directory.  By  default, 
xcopy  prompts  you  to  specify  whether  Destination  is  a  file  or 
a  directory. 

/s 

Copies  directories  and  subdirectories,  unless  they  are  empty.  If 
you  omit  /s,  xcopy  works  within  a  single  directory. 

/e 

Copies  all  subdirectories,  even  if  they  are  empty.  Use/e  with 
the  /s  and  /t  command-line  options,  /t 

A 

Copies  the  subdirectory  structure  (that  is,  the  tree)  only,  not 
files.  To  copy  empty  directories,  you  must  include  the  /e 
command-line  option. 

/k 

Copies  files  and  retains  the  read-only  attribute  on  Destination 
files  if  present  on  the  Source  files.  By  default,  xcopy  removes 
the  read-only  attribute. 

/r 

Copies  read-only  files. 

/h 

Copies  files  with  hidden  and  system  file  attributes.  By  default, 
xcopy  does  not  copy  hidden  or  system  files 

/a 

Copies  only  Source  files  that  have  their  archive  file  attributes 
set.  /a  does  not  modify  the  archive  file  attribute  of  the  source 
file.  For  information  about  how  to  set  the  archive  file  attribute 
by  using  attrib,  see  Additional  references. 

/m 

Copies  Source  files  that  have  their  archive  file  attributes  set. 
Unlike  /a,  /m  turns  off  archive  file  attributes  in  the  files  that 
are  specified  in  the  source.  For  information  about  how  to  set 
the  archive  file  attribute  by  using  attrib,  see  Additional 
references. 

/n 

Creates  copies  by  using  the  NTFS  short  file  or  directory 
names,  /n  is  required  when  you  copy  files  or  directories  from 
an  NTFS  volume  to  a  FAT  volume  or  when  the  FAT  file  system 
naming  convention  (that  is,  8.3  characters)  is  required  on  the 
Destination  file  system.  The  Destination  file  system  can  be 

FAT  or  NTFS. 

/o 

Copies  file  ownership  and  discretionary  access  control  list 
(DACL)  information. 

/x 

Copies  file  audit  settings  and  system  access  control  list  (SACL) 
information  (implies  /o). 

PARAMETER 


DESCRIPTION 


/exclude:FileName1  [+[FileName2][+[FileName3]( )] 

Specifies  a  list  of  files.  At  least  one  file  must  be  specified.  Each 
file  will  contain  search  strings  with  each  string  on  a  separate 
line  in  the  file. 

When  any  of  the  strings  match  any  part  of  the  absolute  path 
of  the  file  to  be  copied,  that  file  will  be  excuded  from  being 
copied.  For  example,  specifying  the  string,  or  will  exclude  all 
files  underneath  the  directory  obj  or  all  files  with  the  .obj 
extension. 

/y 

Suppresses  prompting  to  confirm  that  you  want  to  overwrite 
an  existing  destination  file. 

h 

Prompts  to  confirm  that  you  want  to  overwrite  an  existing 
destination  file. 

/z 

Copies  over  a  network  in  restartable  mode. 

/b 

Copies  the  symbolic  link  instead  of  the  files.  This  parameter 
was  introduced  in  Windows  Vista®. 

/j 

Copies  files  without  buffering.  Recommended  for  very  large 
files.  This  parameter  was  added  introduced  in  Windows 

Server®  2008  R2. 

/? 

Displays  help  at  the  command  prompt. 

Remarks 

•  Using /v 

•  Using /z 

If  you  lose  your  connection  during  the  copy  phase  (for  example,  if  the  server  going  offline  severs  the 
connection),  it  resumes  after  you  reestablish  the  connection,  /z  also  displays  the  percentage  of  the  copy 
operation  completed  for  each  file. 

•  Using /y  in  the  COPYCMD  environment  variable. 

You  can  use  /y  in  the  COPYCMD  environment  variable.  You  can  override  this  command  by  using  /-y  on  the 
command  line.  By  default,  you  are  prompted  to  overwrite,  unless  you  run  xcopy  from  within  a  batch  script. 

•  Copying  encrypted  files 

Copying  encrypted  files  to  a  volume  that  does  not  support  EFS  results  in  an  error.  Decrypt  the  files  first  or 
copy  the  files  to  a  volume  that  does  support  EFS. 

•  Appending  files 

To  append  files,  specify  a  single  file  for  destination,  but  multiple  files  for  source  (that  is,  by  using  wildcards  or 
fi lei  +file2+file3  format). 

•  Default  value  for  Destination 

If  you  omit  Destination,  the  xcopy  command  copies  the  files  to  the  current  directory. 

•  Specifying  whether  Destination  is  a  file  or  directory 

If  Destination  does  not  contain  an  existing  directory  and  does  not  end  with  a  backslash  (),  the  following 


message  appears: 


Does  <Destination>  specify  a  file  name  on  directory  name  on  the  target(F  =  file,  D  =  directory)? 

Press  F  if  you  want  the  file  or  files  to  be  copied  to  a  file.  Press  D  if  you  want  the  file  or  files  to  be  copied  to  a 
directory. 

You  can  suppress  this  message  by  using  the  /i  command-line  option,  which  causes  xcopy  to  assume  that 
the  destination  is  a  directory  if  the  source  is  more  than  one  file  or  a  directory. 

•  Using  the  xcopy  command  to  set  archive  attribute  for  Destination  files 

The  xcopy  command  creates  files  with  the  archive  attribute  set,  whether  or  not  this  attribute  was  set  in  the 
source  file.  For  more  information  about  file  attributes  and  attrib,  see  Additional  references. 

•  Comparing  xcopy  and  diskcopy 

If  you  have  a  disk  that  contains  files  in  subdirectories  and  you  want  to  copy  it  to  a  disk  that  has  a  different 
format,  use  the  xcopy  command  instead  of  diskcopy.  Because  the  diskcopy  command  copies  disks  track 
by  track,  your  source  and  destination  disks  must  have  the  same  format.  The  xcopy  command  does  not  have 
this  requirement.  Use  xcopy  unless  you  need  a  complete  disk  image  copy. 

•  Exit  codes  for  xcopy 

To  process  exit  codes  returned  by  xcopy,  use  the  ErrorLevel  parameter  on  the  if  command  line  in  a  batch 
program.  For  an  example  of  a  batch  program  that  processes  exit  codes  using  if,  see  Additional  references. 
The  following  table  lists  each  exit  code  and  a  description. 


EXIT  CODE 

DESCRIPTION 

0 

Files  were  copied  without  error. 

1 

No  files  were  found  to  copy. 

2 

The  user  pressed  CTRL+C  to  terminate  xcopy. 

4 

Initialization  error  occurred.  There  is  not  enough  memory 
or  disk  space,  or  you  entered  an  invalid  drive  name  or 
invalid  syntax  on  the  command  line. 

5 

Disk  write  error  occurred. 

Examples 

To  copy  all  the  files  and  subdirectories  (including  any  empty  subdirectories)  from  drive  A  to  drive  B,  type: 
xcopy  a:  b:  /s  /e 

To  include  any  system  or  hidden  files  in  the  previous  example,  add  the/h  command-line  option  as  follows: 

xcopy  a:  b:  /s  /e  /h 

To  update  files  in  the  \Reports  directory  with  the  files  in  the\Rawdata  directory  that  have  changed  since  December 
29, 1993,  type: 


xcopy  \rawdata  \reports  /d : 12-29-1993 


To  update  all  the  files  that  exist  in  \Reports  in  the  previous  example,  regardless  of  date,  type: 

xcopy  \rawdata  \reports  /u 


To  obtain  a  list  of  the  files  to  be  copied  by  the  previous  command  (that  is,  without  actually  copying  the  files),  type: 

xcopy  \rawdata  \reports  /d : 12-29-1993  /I  >  xcopy. out 


The  file  xcopy.out  lists  every  file  that  is  to  be  copied. 

To  copy  the  \Customer  directory  and  all  subdirectories  to  the  directory  \\Public\Address  on  network  drive  H:, 
retain  the  read-only  attribute,  and  be  prompted  when  a  new  file  is  created  on  H:,  type: 

xcopy  \customer  h:\public\address  /s  /e  /k  /p 


To  issue  the  previous  command,  ensure  that  xcopy  creates  the  \Address  directory  if  it  does  not  exist,  and  suppress 
the  message  that  appears  when  you  create  a  new  directory,  add  the  /i  command-line  option  as  follows: 

xcopy  \customer  h:\public\address  /s  /e  /k  /p  /i 


You  can  create  a  batch  program  to  perform  xcopy  operations  and  use  the  batch  if  command  to  process  the  exit 
code  if  an  error  occurs.  For  example,  the  following  batch  program  uses  replaceable  parameters  for  the  xcopy 
source  and  destination  parameters: 

@echo  off 

rem  COPYIT.BAT  transfers  all  files  in  all  subdirectories  of 
rem  the  source  drive  or  directory  (%1)  to  the  destination 
rem  drive  or  directory  (%2) 
xcopy  %1  %2  /s  /e 
if  errorlevel  4  goto  lowmemory 

if  errorlevel  2  goto  abortif  errorlevel  0  goto  exit 
: lowmemory 

echo  Insufficient  memory  to  copy  files  orecho  invalid  drive  or  command-line  syntax, 
goto  exit 
: abort 

echo  You  pressed  CTRL+C  to  end  the  copy  operation, 
goto  exit 
:  exit 


To  use  this  batch  program  to  copy  all  files  in  the  C:\Prgmcode  directory  and  its  subdirectories  to  drive  B,  type: 
copyit  c:\prgmcode  b: 


The  command  interpreter  substitutes  C:\Prgmcode  for  %1  and  B:  for  %2,  then  uses  xcopy  with  the  /e  and  /s 
command-line  options.  If  xcopyencounters  an  error,  the  batch  program  reads  the  exit  code  and  goes  to  the  label 
indicated  in  the  appropriate  IF  ERRORLEVEL  statement,  then  displays  the  appropriate  message  and  exits  from  the 
batch  program. 

Additional  references 

•  Copy 

•  Move 


•  Dir 

•  Attrib 

•  Diskcopy 

•  If 

•  Command-Line  Syntax  Key 


